savannah-hackers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Savannah-help-public] [sr #106651] Savannah should use CAcert.org-signe

From: Nicodemo Alvaro
Subject: [Savannah-help-public] [sr #106651] Savannah should use CAcert.org-signed SSL certificates
Date: Fri, 27 Feb 2009 02:08:28 +0000
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.6) Gecko/2009020517 IceCat/3.0.6-g1 
Follow-up Comment #6, sr #106651 (project administration):

Does Savannah use MD5 for the signature? I recall seeing some documentation
on how to verify the ssl certificate and now I do not see it. According to
this article, md5 signatures are very bad and have been cracked. Negate
Schneier's messages about how nobody cares about SSL; it would be better to
worry about what is the best practice.

http://www.schneier.com/blog/archives/2008/12/forging_ssl_cer.html

    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/support/?106651>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]