
I was just reading through Adam Langley's description of the bug and this jumped out at me:

> The code will always jump to the end from that second goto, err will contain a successful value because the SHA1 update operation was successful and so the signature verification will never fail.

Wait, Apple still uses SHA1? Are they aware it's banned from use (by NIST, no less) starting with this year?

http://www.zdnet.com/nist-makes-a-hash-of-sha-1-ban-70000259...

Maybe they'd want to take this opportunity to fix that, too...
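The control flow Langley describes, as an added example in C that is not Apple's code: a toy hash and signature check with the duplicated goto beside the corrected version, so a wrong signature shows which path accepts it. The hash, the verify routine and the function names are stand-ins, not SecureTransport's.

```c
/* Toy stand-in for the hash update step: it always succeeds, which is why
 * err is still 0 when the stray goto fires. Not a real hash. */
static int hash_update(unsigned *digest, const char *data)
{
    for (; *data; data++)
        *digest = *digest * 31u + (unsigned char)*data;
    return 0;
}

/* Toy stand-in for signature verification: 0 on match, -1 otherwise. */
static int verify_signature(unsigned digest, unsigned signature)
{
    return digest == signature ? 0 : -1;
}

/* Builds the one signature the corrected path will accept. */
unsigned expected_signature(const char *a, const char *b, const char *c)
{
    unsigned d = 0;
    hash_update(&d, a); hash_update(&d, b); hash_update(&d, c);
    return d;
}

/* Mirrors the defect: the second goto is unconditional, err is still 0
 * from the successful hash update, and verify_signature is never reached. */
int verify_exchange_buggy(const char *a, const char *b, const char *c, unsigned sig)
{
    int err; unsigned digest = 0;
    if ((err = hash_update(&digest, a)) != 0) goto fail;
    if ((err = hash_update(&digest, b)) != 0) goto fail;
        goto fail;                              /* the duplicated line */
    if ((err = hash_update(&digest, c)) != 0) goto fail;
    err = verify_signature(digest, sig);        /* unreachable */
fail:
    return err;
}

/* Same function with the duplicated line removed. */
int verify_exchange_fixed(const char *a, const char *b, const char *c, unsigned sig)
{
    int err; unsigned digest = 0;
    if ((err = hash_update(&digest, a)) != 0) goto fail;
    if ((err = hash_update(&digest, b)) != 0) goto fail;
    if ((err = hash_update(&digest, c)) != 0) goto fail;
    err = verify_signature(digest, sig);
fail:
    return err;
}
```

A regression test that feeds a deliberately wrong signature is enough to catch this class of bug: the buggy function returns success for it, the fixed one does not.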




If a certificate uses SHA1, Apple (or any other vendor) can't help but use that for verification…


They can't refuse to use it? It seems to me that SHA1 should be deprecated.


I don't think you understand what the code is doing.

This is verifying certificates for HTTPS connections - not creating them. If they removed the SHA1 verification, you can no longer visit hundreds of millions of sites that haven't updated their certificates yet.

It's the people still using certificates with SHA1 hashes that need to upgrade.


But if browser makers decided not to support the hashes, the website owners would have to upgrade. Why allow them to continue to use weak hashes?


Because there isn't an attack that affects them.


As in, refuse to allow their browser to talk to sites on the Internet?


The percentage of sites using SHA256 certificates is tiny, and most CAs are still SHA1 based.



