Basically, the next release of every browser is going to stop accepting MD5 SSL certificates. Until then, SSL certificates aren't worth very much. At least two major CAs -- Geotrust and GTE CyberTrust -- have been issuing loads of MD5 certs. They're going to go through a major re-issuance phase, or else be laughed at when they try to downplay the significance of the breach.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
(no subject)
Date: 2008-12-31 06:39 pm (UTC)Basically, the next release of every browser is going to stop accepting MD5 SSL certificates. Until then, SSL certificates aren't worth very much. At least two major CAs -- Geotrust and GTE CyberTrust -- have been issuing loads of MD5 certs. They're going to go through a major re-issuance phase, or else be laughed at when they try to downplay the significance of the breach.