undefined | Better HN

0 pointsbjornsing9y ago0 comments

Interesting! :)

But isn't the real lesson here that X.509 is flawed?

Also, as the linked article says:

> The bottom line is that no widely-studied hash function has ever succumbed to a (second-)pre-image attack except for one.

And there are signatures that are provably resistant to collisions, shouldn't we move to such signatures?

0 comments

2 comments · 1 top-level

pvg9y ago· 1 in thread

But isn't the real lesson here that X.509 is flawed

I don't think that's the case

And there are signatures that are provably resistant to collisions, shouldn't we move to such signatures?

It's just much simpler to move to a better hash function.

> It's just much simpler to move to a better hash function.

I don't see how one excludes the other. :P

j / k navigate · click thread line to collapse