Bug 6609 – Add randomess to GS-CA signed certificates

Bug 6609 - Add randomess to GS-CA signed certificates

Summary:

Add randomess to GS-CA signed certificates

Status:	ASSIGNED

Product:	GridShib
Component:	GridShib-CA
Version:	0.5
Platform:	All All

Importance:	P3 enhancement
Target Milestone:	---
Assigned To:	Von Welch

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2009-01-02 08:36 by Von Welch
Modified:	2009-12-17 20:53 (History)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note

You need to log in before you can comment on or make changes to this bug.

Description From Von Welch 2009-01-02 08:36:21

Adding randomness to the serial numbers of GS-CA signed certificates would
mitigate threats posed by current MD5 attacks (and other hash algorithms in the
future).

------- Comment #1 From Von Welch 2009-12-17 20:52:38 -------

See Bug 6614 for details.

------- Comment #2 From Von Welch 2009-12-17 20:53:48 -------

I'm removing this as a blocker from 2.0 as it is, in my judgment, not a big
security risk at this time.