[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_2_9_9-93-g3291383
|
From: |
Simon Josefsson |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_2_9_9-93-g3291383 |
|
Date: |
Wed, 27 Jan 2010 15:39:14 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=329138359a256f346e3c10f323d5d87cfc08cdeb
The branch, master has been updated
via 329138359a256f346e3c10f323d5d87cfc08cdeb (commit)
from 17e65babe4476385a0e2b3f4b3558b69bc325516 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 329138359a256f346e3c10f323d5d87cfc08cdeb
Author: Simon Josefsson <address@hidden>
Date: Wed Jan 27 16:39:09 2010 +0100
License fix.
-----------------------------------------------------------------------
Summary of changes:
tests/key-id/README | 2 +-
tests/libgcrypt.supp | 2 +-
tests/rsa-md5-collision/Makefile.am | 2 +-
tests/rsa-md5-collision/README | 607 ++++++++++++++++++++++++++++++++++-
tests/rsa-md5-collision/mbox | 600 ----------------------------------
tests/userid/userid.pem | 26 +-
6 files changed, 621 insertions(+), 618 deletions(-)
delete mode 100644 tests/rsa-md5-collision/mbox
diff --git a/tests/key-id/README b/tests/key-id/README
index 013319b..dec76c5 100644
--- a/tests/key-id/README
+++ b/tests/key-id/README
@@ -1,5 +1,5 @@
authkeyid README -- Information about auth-key-id self test.
-Copyright (C) 2007 Simon Josefsson
+Copyright (C) 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
See the end for copying conditions.
This directory contains a check to find regressions for the bug
diff --git a/tests/libgcrypt.supp b/tests/libgcrypt.supp
index 6cc27be..3766b25 100644
--- a/tests/libgcrypt.supp
+++ b/tests/libgcrypt.supp
@@ -1,6 +1,6 @@
# libgcrypt.supp -- Valgrind suppresion file for libgcrypt
-# Copyright (C) 2008, 2009 Simon Josefsson
+# Copyright (C) 2008, 2009, 2010 Free Software Foundation, Inc.
# Copying and distribution of this file, with or without modification,
# are permitted in any medium without royalty provided the copyright
diff --git a/tests/rsa-md5-collision/Makefile.am
b/tests/rsa-md5-collision/Makefile.am
index c675667..14253d6 100644
--- a/tests/rsa-md5-collision/Makefile.am
+++ b/tests/rsa-md5-collision/Makefile.am
@@ -22,7 +22,7 @@
EXTRA_DIST = MD5CollisionCA.cer \
TargetCollidingCertificate1.cer \
TargetCollidingCertificate2.cer \
- README mbox
+ README
dist_check_SCRIPTS = rsa-md5-collision
diff --git a/tests/rsa-md5-collision/README b/tests/rsa-md5-collision/README
index a3b6c89..98892d6 100644
--- a/tests/rsa-md5-collision/README
+++ b/tests/rsa-md5-collision/README
@@ -1,5 +1,5 @@
rsa-md5-collision README -- Information about rsa-md5-collision self tests.
-Copyright (C) 2006 Simon Josefsson
+Copyright (C) 2006, 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
See the end for copying conditions.
This directory contains colliding X.509 certificates for different
@@ -11,10 +11,611 @@ The certificates are used by a simple self-test script,
rsa-md5-collision, that check to make sure that GnuTLS reject both
certificate chains.
-The file mbox contain mail exchanges with the authors where they agree
-to release the certificates under a permissive license, that allow the
+Below is the e-mail exchanges with the authors where they agree to
+release the certificates under a permissive license, that allow the
files to be included here.
+X-Hashcash: 1:22:061024:address@hidden::NIoLZwQj6TTZ4YZK:BUuA
+X-Hashcash: 1:22:061024:address@hidden::NgTq8sJW1QBlX/rv:g9Z
+From: Simon Josefsson <address@hidden>
+To: "Weger\, B.M.M. de" <address@hidden>, address@hidden, address@hidden
+Subject: Re: target collisions and colliding certificates with different
identities
+References: <address@hidden>
+OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
+X-Draft-From: ("gmane.ietf.irtf.cfrg" 784)
+X-Hashcash: 1:22:061024:address@hidden::aYYmnRc08nJKaUMk:6ddD
+Date: Tue, 24 Oct 2006 08:28:07 +0200
+In-Reply-To: <address@hidden>
+ (B. M. M. de Weger's message of "Mon\, 23 Oct 2006 23\:58\:21 +0200")
+Message-ID: <address@hidden>
+User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=us-ascii
+Lines: 48
+Xref: localhost.localdomain rsa-md5:1
+
+Great work, thanks!
+
+I'd like to include your certificates in GnuTLS, a TLS implementation
+that supports X.509, as self-tests of the the certificate verification
+logic. Is this OK with you?
+
+Btw, Gnutls rejected the certificates, we already disable MD5 for
+verification purposes. :)
+
+For our legal department, I'd like a clarification of the license on
+the data, would you agree to release the certificates under the
+following license?
+
+ Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger
+
+ Copying and distribution of this file, with or without modification,
+ are permitted in any medium without royalty provided the copyright
+ notice and this notice are preserved.
+
+Also, if any other authors contributed, they would have to agree to
+this license as well. Are there other authors?
+
+Best regards, and thanks in advance,
+Simon
+
+"Weger, B.M.M. de" <address@hidden> writes:
+
+> Hi all,
+>
+> We announce:
+> - an example of a target collision for MD5; this means:
+> for two chosen messages m1 and m2 we have constructed
+> appendages b1 and b2 to make the messages collide
+> under MD5, i.e. MD5(m1||b1) = MD5(m2||b2);
+> said differently: we can cause an MD5 collision for
+> any pair of distinct IHVs;
+> - an example of a pair of valid, unsuspicious X.509
+> certificates with distinct Distinguished Name fields,
+> but identical CA signatures; this example makes use
+> of the target collision.
+>
+> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
+> where the certificates and a more detailed announcement
+> can be found.
+>
+> Marc Stevens
+> Arjen Lenstra
+> Benne de Weger
+Return-Path: <address@hidden>
+Received: from yxa.extundo.com ([unix socket])
+ by yxa-iv (Cyrus v2.1.18-IPv6-Debian-2.1.18-1+sarge2) with LMTP; Tue,
24 Oct 2006 08:32:12 +0200
+X-Sieve: CMU Sieve 2.2
+Received: from smtp1.epfl.ch (smtp1.epfl.ch [128.178.50.22])
+ by yxa.extundo.com (8.13.4/8.13.4/Debian-3sarge3) with SMTP id
k9O6VvPx016489
+ for <address@hidden>; Tue, 24 Oct 2006 08:31:57 +0200
+Received: (qmail 16665 invoked by uid 107); 24 Oct 2006 06:31:51 -0000
+Received: from mailav1.epfl.ch (128.178.50.190)
+ by smtp1.epfl.ch with SMTP; 24 Oct 2006 06:31:51 -0000
+Received: from (smtp2.epfl.ch [128.178.50.133]) by MAILAV1.epfl.ch with smtp
+ id 3c76_55596730_6329_11db_9dfc_001143d18479;
+ Tue, 24 Oct 2006 08:31:51 +0200
+Received: from rex1.epfl.ch (128.178.50.178)
+ by smtp2.epfl.ch (AngelmatoPhylax SMTP proxy); Tue, 24 Oct 2006 08:31:51
+0200
+X-MimeOLE: Produced By Microsoft Exchange V6.5
+Content-class: urn:content-classes:message
+MIME-Version: 1.0
+Content-Type: text/plain;
+ charset="iso-8859-1"
+Content-Transfer-Encoding: quoted-printable
+Subject: RE: target collisions and colliding certificates with different
identities
+Date: Tue, 24 Oct 2006 08:31:42 +0200
+Message-ID: <address@hidden>
+In-Reply-To: <address@hidden>
+X-MS-Has-Attach:
+X-MS-TNEF-Correlator:
+Thread-Topic: target collisions and colliding certificates with different
identities
+Thread-Index: Acb3NZO8kzaCp7NPSV29z2Ydtt/p5gAAEyEg
+From: "Arjen Lenstra" <address@hidden>
+To: "Simon Josefsson" <address@hidden>,
+ "Weger, B.M.M. de" <address@hidden>,
+ <address@hidden>
+X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham
+ version=3.1.1
+X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on yxa-iv
+X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on
yxa.extundo.com
+X-Virus-Status: Clean
+Lines: 75
+Xref: localhost.localdomain rsa-md5:2
+
+Hi,
+Thanks!
+I can't speak for my coauthors, but it's all fine with me, though I find =
+the year in your proposed copyright statement a bit odd (I would have =
+expected 2006). There are no more authros involved.
+
+best regards, Arjen Lenstra
+
+----------------
+Arjen K. Lenstra a k l @ e p f l . c h
+EPFL IC LACAL
+INJ 330 (B=E2timent INJ)
+Station 14
+CH-1015 Lausanne, Switzerland
+T=E9l: + 41 21 693 8101
+Fax: + 41 21 693 7550
+=20
+=20
+
+-----Original Message-----
+From: Simon Josefsson [mailto:address@hidden
+Sent: Tuesday, October 24, 2006 8:28 AM
+To: Weger, B.M.M. de; address@hidden; Arjen Lenstra
+Subject: Re: target collisions and colliding certificates with different =
+identities
+
+Great work, thanks!
+
+I'd like to include your certificates in GnuTLS, a TLS implementation
+that supports X.509, as self-tests of the the certificate verification
+logic. Is this OK with you?
+
+Btw, Gnutls rejected the certificates, we already disable MD5 for
+verification purposes. :)
+
+For our legal department, I'd like a clarification of the license on
+the data, would you agree to release the certificates under the
+following license?
+
+ Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger
+
+ Copying and distribution of this file, with or without =
+modification,
+ are permitted in any medium without royalty provided the copyright
+ notice and this notice are preserved.
+
+Also, if any other authors contributed, they would have to agree to
+this license as well. Are there other authors?
+
+Best regards, and thanks in advance,
+Simon
+
+"Weger, B.M.M. de" <address@hidden> writes:
+
+> Hi all,
+>
+> We announce:
+> - an example of a target collision for MD5; this means:=20
+> for two chosen messages m1 and m2 we have constructed=20
+> appendages b1 and b2 to make the messages collide=20
+> under MD5, i.e. MD5(m1||b1) =3D MD5(m2||b2);
+> said differently: we can cause an MD5 collision for=20
+> any pair of distinct IHVs;
+> - an example of a pair of valid, unsuspicious X.509=20
+> certificates with distinct Distinguished Name fields,=20
+> but identical CA signatures; this example makes use=20
+> of the target collision.
+>
+> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
+> where the certificates and a more detailed announcement=20
+> can be found.
+>
+> Marc Stevens
+> Arjen Lenstra
+> Benne de Weger
+From: Simon Josefsson <address@hidden>
+To: "Arjen Lenstra" <address@hidden>
+Cc: "Weger\, B.M.M. de" <address@hidden>, <address@hidden>
+Subject: Re: target collisions and colliding certificates with different
identities
+References: <address@hidden>
+OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
+X-Draft-From: ("nnimap+yxa:INBOX.private.2006.10" 623)
+X-Hashcash: 1:22:061024:address@hidden::pMR7JuXUTTt/Zjut:0aGD
+X-Hashcash: 1:22:061024:address@hidden::juw1iXMSKV62mZGj:CBbu
+X-Hashcash: 1:22:061024:address@hidden::SJdQwxRXP39Dw2C4:n6ia
+Date: Tue, 24 Oct 2006 08:43:59 +0200
+In-Reply-To: <address@hidden>
+ (Arjen Lenstra's message of "Tue\, 24 Oct 2006 08\:31\:42 +0200")
+Message-ID: <address@hidden>
+User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=iso-8859-1
+Content-Transfer-Encoding: 8bit
+Lines: 80
+Xref: localhost.localdomain rsa-md5:3
+
+"Arjen Lenstra" <address@hidden> writes:
+
+> Hi,
+> Thanks!
+> I can't speak for my coauthors, but it's all fine with me, though I
+> find the year in your proposed copyright statement a bit odd (I
+> would have expected 2006). There are no more authros involved.
+
+Thanks. Duh, I meant 2006, of course. I'd appreciate if Marc and
+Benne also replied.
+
+/Simon
+
+> best regards, Arjen Lenstra
+>
+> ----------------
+> Arjen K. Lenstra a k l @ e p f l . c h
+> EPFL IC LACAL
+> INJ 330 (Bâtiment INJ)
+> Station 14
+> CH-1015 Lausanne, Switzerland
+> Tél: + 41 21 693 8101
+> Fax: + 41 21 693 7550
+>
+>
+>
+> -----Original Message-----
+> From: Simon Josefsson [mailto:address@hidden
+> Sent: Tuesday, October 24, 2006 8:28 AM
+> To: Weger, B.M.M. de; address@hidden; Arjen Lenstra
+> Subject: Re: target collisions and colliding certificates with different
identities
+>
+> Great work, thanks!
+>
+> I'd like to include your certificates in GnuTLS, a TLS implementation
+> that supports X.509, as self-tests of the the certificate verification
+> logic. Is this OK with you?
+>
+> Btw, Gnutls rejected the certificates, we already disable MD5 for
+> verification purposes. :)
+>
+> For our legal department, I'd like a clarification of the license on
+> the data, would you agree to release the certificates under the
+> following license?
+>
+> Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger
+>
+> Copying and distribution of this file, with or without modification,
+> are permitted in any medium without royalty provided the copyright
+> notice and this notice are preserved.
+>
+> Also, if any other authors contributed, they would have to agree to
+> this license as well. Are there other authors?
+>
+> Best regards, and thanks in advance,
+> Simon
+>
+> "Weger, B.M.M. de" <address@hidden> writes:
+>
+>> Hi all,
+>>
+>> We announce:
+>> - an example of a target collision for MD5; this means:
+>> for two chosen messages m1 and m2 we have constructed
+>> appendages b1 and b2 to make the messages collide
+>> under MD5, i.e. MD5(m1||b1) = MD5(m2||b2);
+>> said differently: we can cause an MD5 collision for
+>> any pair of distinct IHVs;
+>> - an example of a pair of valid, unsuspicious X.509
+>> certificates with distinct Distinguished Name fields,
+>> but identical CA signatures; this example makes use
+>> of the target collision.
+>>
+>> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
+>> where the certificates and a more detailed announcement
+>> can be found.
+>>
+>> Marc Stevens
+>> Arjen Lenstra
+>> Benne de Weger
+Return-Path: <address@hidden>
+Received: from yxa.extundo.com ([unix socket])
+ by yxa-iv (Cyrus v2.1.18-IPv6-Debian-2.1.18-1+sarge2) with LMTP; Tue,
24 Oct 2006 09:23:28 +0200
+X-Sieve: CMU Sieve 2.2
+Received: from ipact2.infopact.nl (ipact2.infopact.nl [212.29.160.71])
+ by yxa.extundo.com (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id
k9O7NIbh023920
+ (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
+ for <address@hidden>; Tue, 24 Oct 2006 09:23:22 +0200
+Received: from ipact2.infopact.nl (localhost.localdomain [127.0.0.1])
+ by ipact2.infopact.nl (8.13.7/8.13.7) with ESMTP id k9O7NAZd008636
+ for <address@hidden>; Tue, 24 Oct 2006 09:23:11 +0200
+Received: (from address@hidden)
+ by ipact2.infopact.nl (8.13.7/8.13.7/Submit) id k9O7J939006762
+ for <address@hidden>; Tue, 24 Oct 2006 09:19:09 +0200
+Received: from smtp.banaan.org (72-130-ftth.onsnet.nu [88.159.130.72])
+ by ipact2.infopact.nl (envelope-sender <address@hidden>) (MIMEDefang)
with ESMTP id k9O7J72W006742; Tue, 24 Oct 2006 09:19:09 +0200 (CEST)
+Received: by smtp.banaan.org (Postfix, from userid 1018)
+ id DE1B689D80; Tue, 24 Oct 2006 09:19:06 +0200 (CEST)
+X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on yxa-iv
+X-Spam-Level:
+X-Spam-Status: No, score=-2.5 required=5.0 tests=BAYES_00,FORGED_RCVD_HELO
+ autolearn=ham version=3.1.1
+Received: from s478591 (cp688553-a.tilbu1.nb.home.nl [84.24.55.50])
+ by smtp.banaan.org (Postfix) with ESMTP id 5EE4889EF9;
+ Tue, 24 Oct 2006 09:18:57 +0200 (CEST)
+Message-ID: <address@hidden>
+From: "Marc Stevens" <address@hidden>
+To: "Simon Josefsson" <address@hidden>,
+ "Arjen Lenstra" <address@hidden>
+Cc: "Weger, B.M.M. de" <address@hidden>
+References: <address@hidden> <address@hidden>
+Subject: Re: target collisions and colliding certificates with different
identities
+Date: Tue, 24 Oct 2006 09:18:50 +0200
+MIME-Version: 1.0
+Content-Type: text/plain;
+ format=flowed;
+ charset="iso-8859-1";
+ reply-type=original
+Content-Transfer-Encoding: 8bit
+X-Priority: 3
+X-MSMail-Priority: Normal
+X-Mailer: Microsoft Outlook Express 6.00.2900.2869
+X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962
+X-Scanned-By: MIMEDefang - SpamAssassin on 212.29.160.71
+X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on
yxa.extundo.com
+X-Virus-Status: Clean
+Lines: 101
+Xref: localhost.localdomain rsa-md5:4
+
+Hi Simon,
+
+Thanks!
+I am also okay with the proposed license.
+
+Kind regards,
+ Marc
+
+----- Original Message -----
+From: "Simon Josefsson" <address@hidden>
+To: "Arjen Lenstra" <address@hidden>
+Cc: "Weger, B.M.M. de" <address@hidden>;
+<address@hidden>
+Sent: Tuesday, October 24, 2006 8:43 AM
+Subject: Re: target collisions and colliding certificates with different
+identities
+
+
+> "Arjen Lenstra" <address@hidden> writes:
+>
+>> Hi,
+>> Thanks!
+>> I can't speak for my coauthors, but it's all fine with me, though I
+>> find the year in your proposed copyright statement a bit odd (I
+>> would have expected 2006). There are no more authros involved.
+>
+> Thanks. Duh, I meant 2006, of course. I'd appreciate if Marc and
+> Benne also replied.
+>
+> /Simon
+>
+>> best regards, Arjen Lenstra
+>>
+>> ----------------
+>> Arjen K. Lenstra a k l @ e p f l . c h
+>> EPFL IC LACAL
+>> INJ 330 (Bâtiment INJ)
+>> Station 14
+>> CH-1015 Lausanne, Switzerland
+>> Tél: + 41 21 693 8101
+>> Fax: + 41 21 693 7550
+>>
+>>
+>>
+>> -----Original Message-----
+>> From: Simon Josefsson [mailto:address@hidden
+>> Sent: Tuesday, October 24, 2006 8:28 AM
+>> To: Weger, B.M.M. de; address@hidden; Arjen Lenstra
+>> Subject: Re: target collisions and colliding certificates with different
+>> identities
+>>
+>> Great work, thanks!
+>>
+>> I'd like to include your certificates in GnuTLS, a TLS implementation
+>> that supports X.509, as self-tests of the the certificate verification
+>> logic. Is this OK with you?
+>>
+>> Btw, Gnutls rejected the certificates, we already disable MD5 for
+>> verification purposes. :)
+>>
+>> For our legal department, I'd like a clarification of the license on
+>> the data, would you agree to release the certificates under the
+>> following license?
+>>
+>> Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger
+>>
+>> Copying and distribution of this file, with or without modification,
+>> are permitted in any medium without royalty provided the copyright
+>> notice and this notice are preserved.
+>>
+>> Also, if any other authors contributed, they would have to agree to
+>> this license as well. Are there other authors?
+>>
+>> Best regards, and thanks in advance,
+>> Simon
+>>
+>> "Weger, B.M.M. de" <address@hidden> writes:
+>>
+>>> Hi all,
+>>>
+>>> We announce:
+>>> - an example of a target collision for MD5; this means:
+>>> for two chosen messages m1 and m2 we have constructed
+>>> appendages b1 and b2 to make the messages collide
+>>> under MD5, i.e. MD5(m1||b1) = MD5(m2||b2);
+>>> said differently: we can cause an MD5 collision for
+>>> any pair of distinct IHVs;
+>>> - an example of a pair of valid, unsuspicious X.509
+>>> certificates with distinct Distinguished Name fields,
+>>> but identical CA signatures; this example makes use
+>>> of the target collision.
+>>>
+>>> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
+>>> where the certificates and a more detailed announcement
+>>> can be found.
+>>>
+>>> Marc Stevens
+>>> Arjen Lenstra
+>>> Benne de Weger
+>
+
+Return-Path: <address@hidden>
+Received: from yxa.extundo.com ([unix socket])
+ by yxa-iv (Cyrus v2.1.18-IPv6-Debian-2.1.18-1+sarge2) with LMTP; Tue,
24 Oct 2006 10:55:48 +0200
+X-Sieve: CMU Sieve 2.2
+Received: from mailhost.tue.nl (mailhost.tue.nl [131.155.2.19])
+ by yxa.extundo.com (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id
k9O8te8O005696
+ for <address@hidden>; Tue, 24 Oct 2006 10:55:40 +0200
+Received: from localhost (localhost [127.0.0.1])
+ by mailhost.tue.nl (Postfix) with ESMTP id B6C745C297;
+ Tue, 24 Oct 2006 10:55:39 +0200 (CEST)
+X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on
yxa.extundo.com
+X-Virus-Scanned: amavisd-new at tue.nl
+Received: from mailhost.tue.nl ([131.155.2.19])
+ by localhost (pastinakel.tue.nl [127.0.0.1]) (amavisd-new, port 10024)
+ with ESMTP id 84pZYnFvD8HO; Tue, 24 Oct 2006 10:55:39 +0200 (CEST)
+Received: from EXCHANGE3.campus.tue.nl (xserver3.campus.tue.nl [131.155.6.6])
+ by mailhost.tue.nl (Postfix) with ESMTP id 1CFE55C293;
+ Tue, 24 Oct 2006 10:55:39 +0200 (CEST)
+X-MimeOLE: Produced By Microsoft Exchange V6.5
+Content-class: urn:content-classes:message
+MIME-Version: 1.0
+Content-Type: text/plain;
+ charset="iso-8859-1"
+Content-Transfer-Encoding: quoted-printable
+Subject: RE: target collisions and colliding certificates with different
identities
+Date: Tue, 24 Oct 2006 10:55:38 +0200
+Message-ID: <address@hidden>
+In-Reply-To: <address@hidden>
+X-MS-Has-Attach:
+X-MS-TNEF-Correlator:
+Thread-Topic: target collisions and colliding certificates with different
identities
+Thread-Index: Acb3N816trM39dt6Tmef1RZSgSRhMQAEdpog
+From: "Weger, B.M.M. de" <address@hidden>
+To: "Simon Josefsson" <address@hidden>
+Cc: "Stevens, M.M.J." <address@hidden>,
+ "Arjen Lenstra" <address@hidden>
+X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham
+ version=3.1.1
+X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on yxa-iv
+X-Virus-Status: Clean
+Lines: 123
+Xref: localhost.localdomain rsa-md5:5
+
+Hi Simon,
+
+When your software rejects any MD5 certificate I don't see why
+you would use our colliding ones, doesn't it mean that you'll=20
+have more explaining to do?
+But when you want it this way, it's fine with me too.
+
+Grtz,
+Benne
+
+=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
+=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
+Technische Universiteit Eindhoven
+Coding & Crypto Groep
+Faculteit Wiskunde en Informatica
+Den Dolech 2
+Postbus 513
+5600 MB Eindhoven
+kamer: HG 9.84
+tel.: (040) 247 2704, bgg 5141
+e-mail: address@hidden
+www: http://www.win.tue.nl/~bdeweger
+=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
+=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
+
+
+ =20
+
+> -----Original Message-----
+> From: Simon Josefsson [mailto:address@hidden
+> Sent: dinsdag 24 oktober 2006 8:44
+> To: Arjen Lenstra
+> Cc: Weger, B.M.M. de; Stevens, M.M.J.
+> Subject: Re: target collisions and colliding certificates=20
+> with different identities
+>=20
+> "Arjen Lenstra" <address@hidden> writes:
+>=20
+> > Hi,
+> > Thanks!
+> > I can't speak for my coauthors, but it's all fine with me, though I
+> > find the year in your proposed copyright statement a bit odd (I
+> > would have expected 2006). There are no more authros involved.
+>=20
+> Thanks. Duh, I meant 2006, of course. I'd appreciate if Marc and
+> Benne also replied.
+>=20
+> /Simon
+>=20
+> > best regards, Arjen Lenstra
+> >
+> > ----------------
+> > Arjen K. Lenstra a k l @ e p f l . c h
+> > EPFL IC LACAL
+> > INJ 330 (B=E2timent INJ)
+> > Station 14
+> > CH-1015 Lausanne, Switzerland
+> > T=E9l: + 41 21 693 8101
+> > Fax: + 41 21 693 7550
+> > =20
+> > =20
+> >
+> > -----Original Message-----
+> > From: Simon Josefsson [mailto:address@hidden
+> > Sent: Tuesday, October 24, 2006 8:28 AM
+> > To: Weger, B.M.M. de; address@hidden; Arjen Lenstra
+> > Subject: Re: target collisions and colliding certificates=20
+> with different identities
+> >
+> > Great work, thanks!
+> >
+> > I'd like to include your certificates in GnuTLS, a TLS=20
+> implementation
+> > that supports X.509, as self-tests of the the certificate=20
+> verification
+> > logic. Is this OK with you?
+> >
+> > Btw, Gnutls rejected the certificates, we already disable MD5 for
+> > verification purposes. :)
+> >
+> > For our legal department, I'd like a clarification of the license on
+> > the data, would you agree to release the certificates under the
+> > following license?
+> >
+> > Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra,=20
+> Benne de Weger
+> >
+> > Copying and distribution of this file, with or without=20
+> modification,
+> > are permitted in any medium without royalty provided=20
+> the copyright
+> > notice and this notice are preserved.
+> >
+> > Also, if any other authors contributed, they would have to agree to
+> > this license as well. Are there other authors?
+> >
+> > Best regards, and thanks in advance,
+> > Simon
+> >
+> > "Weger, B.M.M. de" <address@hidden> writes:
+> >
+> >> Hi all,
+> >>
+> >> We announce:
+> >> - an example of a target collision for MD5; this means:=20
+> >> for two chosen messages m1 and m2 we have constructed=20
+> >> appendages b1 and b2 to make the messages collide=20
+> >> under MD5, i.e. MD5(m1||b1) =3D MD5(m2||b2);
+> >> said differently: we can cause an MD5 collision for=20
+> >> any pair of distinct IHVs;
+> >> - an example of a pair of valid, unsuspicious X.509=20
+> >> certificates with distinct Distinguished Name fields,=20
+> >> but identical CA signatures; this example makes use=20
+> >> of the target collision.
+> >>
+> >> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
+> >> where the certificates and a more detailed announcement=20
+> >> can be found.
+> >>
+> >> Marc Stevens
+> >> Arjen Lenstra
+> >> Benne de Weger
+>=20
+
----------------------------------------------------------------------
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
diff --git a/tests/rsa-md5-collision/mbox b/tests/rsa-md5-collision/mbox
deleted file mode 100644
index 6727bfd..0000000
--- a/tests/rsa-md5-collision/mbox
+++ /dev/null
@@ -1,600 +0,0 @@
-X-Hashcash: 1:22:061024:address@hidden::NIoLZwQj6TTZ4YZK:BUuA
-X-Hashcash: 1:22:061024:address@hidden::NgTq8sJW1QBlX/rv:g9Z
-From: Simon Josefsson <address@hidden>
-To: "Weger\, B.M.M. de" <address@hidden>, address@hidden, address@hidden
-Subject: Re: target collisions and colliding certificates with different
identities
-References: <address@hidden>
-OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
-X-Draft-From: ("gmane.ietf.irtf.cfrg" 784)
-X-Hashcash: 1:22:061024:address@hidden::aYYmnRc08nJKaUMk:6ddD
-Date: Tue, 24 Oct 2006 08:28:07 +0200
-In-Reply-To: <address@hidden>
- (B. M. M. de Weger's message of "Mon\, 23 Oct 2006 23\:58\:21 +0200")
-Message-ID: <address@hidden>
-User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux)
-MIME-Version: 1.0
-Content-Type: text/plain; charset=us-ascii
-Lines: 48
-Xref: localhost.localdomain rsa-md5:1
-
-Great work, thanks!
-
-I'd like to include your certificates in GnuTLS, a TLS implementation
-that supports X.509, as self-tests of the the certificate verification
-logic. Is this OK with you?
-
-Btw, Gnutls rejected the certificates, we already disable MD5 for
-verification purposes. :)
-
-For our legal department, I'd like a clarification of the license on
-the data, would you agree to release the certificates under the
-following license?
-
- Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger
-
- Copying and distribution of this file, with or without modification,
- are permitted in any medium without royalty provided the copyright
- notice and this notice are preserved.
-
-Also, if any other authors contributed, they would have to agree to
-this license as well. Are there other authors?
-
-Best regards, and thanks in advance,
-Simon
-
-"Weger, B.M.M. de" <address@hidden> writes:
-
-> Hi all,
->
-> We announce:
-> - an example of a target collision for MD5; this means:
-> for two chosen messages m1 and m2 we have constructed
-> appendages b1 and b2 to make the messages collide
-> under MD5, i.e. MD5(m1||b1) = MD5(m2||b2);
-> said differently: we can cause an MD5 collision for
-> any pair of distinct IHVs;
-> - an example of a pair of valid, unsuspicious X.509
-> certificates with distinct Distinguished Name fields,
-> but identical CA signatures; this example makes use
-> of the target collision.
->
-> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
-> where the certificates and a more detailed announcement
-> can be found.
->
-> Marc Stevens
-> Arjen Lenstra
-> Benne de Weger
-Return-Path: <address@hidden>
-Received: from yxa.extundo.com ([unix socket])
- by yxa-iv (Cyrus v2.1.18-IPv6-Debian-2.1.18-1+sarge2) with LMTP; Tue,
24 Oct 2006 08:32:12 +0200
-X-Sieve: CMU Sieve 2.2
-Received: from smtp1.epfl.ch (smtp1.epfl.ch [128.178.50.22])
- by yxa.extundo.com (8.13.4/8.13.4/Debian-3sarge3) with SMTP id
k9O6VvPx016489
- for <address@hidden>; Tue, 24 Oct 2006 08:31:57 +0200
-Received: (qmail 16665 invoked by uid 107); 24 Oct 2006 06:31:51 -0000
-Received: from mailav1.epfl.ch (128.178.50.190)
- by smtp1.epfl.ch with SMTP; 24 Oct 2006 06:31:51 -0000
-Received: from (smtp2.epfl.ch [128.178.50.133]) by MAILAV1.epfl.ch with smtp
- id 3c76_55596730_6329_11db_9dfc_001143d18479;
- Tue, 24 Oct 2006 08:31:51 +0200
-Received: from rex1.epfl.ch (128.178.50.178)
- by smtp2.epfl.ch (AngelmatoPhylax SMTP proxy); Tue, 24 Oct 2006 08:31:51
+0200
-X-MimeOLE: Produced By Microsoft Exchange V6.5
-Content-class: urn:content-classes:message
-MIME-Version: 1.0
-Content-Type: text/plain;
- charset="iso-8859-1"
-Content-Transfer-Encoding: quoted-printable
-Subject: RE: target collisions and colliding certificates with different
identities
-Date: Tue, 24 Oct 2006 08:31:42 +0200
-Message-ID: <address@hidden>
-In-Reply-To: <address@hidden>
-X-MS-Has-Attach:
-X-MS-TNEF-Correlator:
-Thread-Topic: target collisions and colliding certificates with different
identities
-Thread-Index: Acb3NZO8kzaCp7NPSV29z2Ydtt/p5gAAEyEg
-From: "Arjen Lenstra" <address@hidden>
-To: "Simon Josefsson" <address@hidden>,
- "Weger, B.M.M. de" <address@hidden>,
- <address@hidden>
-X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham
- version=3.1.1
-X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on yxa-iv
-X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on
yxa.extundo.com
-X-Virus-Status: Clean
-Lines: 75
-Xref: localhost.localdomain rsa-md5:2
-
-Hi,
-Thanks!
-I can't speak for my coauthors, but it's all fine with me, though I find =
-the year in your proposed copyright statement a bit odd (I would have =
-expected 2006). There are no more authros involved.
-
-best regards, Arjen Lenstra
-
-----------------
-Arjen K. Lenstra a k l @ e p f l . c h
-EPFL IC LACAL
-INJ 330 (B=E2timent INJ)
-Station 14
-CH-1015 Lausanne, Switzerland
-T=E9l: + 41 21 693 8101
-Fax: + 41 21 693 7550
-=20
-=20
-
------Original Message-----
-From: Simon Josefsson [mailto:address@hidden
-Sent: Tuesday, October 24, 2006 8:28 AM
-To: Weger, B.M.M. de; address@hidden; Arjen Lenstra
-Subject: Re: target collisions and colliding certificates with different =
-identities
-
-Great work, thanks!
-
-I'd like to include your certificates in GnuTLS, a TLS implementation
-that supports X.509, as self-tests of the the certificate verification
-logic. Is this OK with you?
-
-Btw, Gnutls rejected the certificates, we already disable MD5 for
-verification purposes. :)
-
-For our legal department, I'd like a clarification of the license on
-the data, would you agree to release the certificates under the
-following license?
-
- Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger
-
- Copying and distribution of this file, with or without =
-modification,
- are permitted in any medium without royalty provided the copyright
- notice and this notice are preserved.
-
-Also, if any other authors contributed, they would have to agree to
-this license as well. Are there other authors?
-
-Best regards, and thanks in advance,
-Simon
-
-"Weger, B.M.M. de" <address@hidden> writes:
-
-> Hi all,
->
-> We announce:
-> - an example of a target collision for MD5; this means:=20
-> for two chosen messages m1 and m2 we have constructed=20
-> appendages b1 and b2 to make the messages collide=20
-> under MD5, i.e. MD5(m1||b1) =3D MD5(m2||b2);
-> said differently: we can cause an MD5 collision for=20
-> any pair of distinct IHVs;
-> - an example of a pair of valid, unsuspicious X.509=20
-> certificates with distinct Distinguished Name fields,=20
-> but identical CA signatures; this example makes use=20
-> of the target collision.
->
-> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
-> where the certificates and a more detailed announcement=20
-> can be found.
->
-> Marc Stevens
-> Arjen Lenstra
-> Benne de Weger
-From: Simon Josefsson <address@hidden>
-To: "Arjen Lenstra" <address@hidden>
-Cc: "Weger\, B.M.M. de" <address@hidden>, <address@hidden>
-Subject: Re: target collisions and colliding certificates with different
identities
-References: <address@hidden>
-OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
-X-Draft-From: ("nnimap+yxa:INBOX.private.2006.10" 623)
-X-Hashcash: 1:22:061024:address@hidden::pMR7JuXUTTt/Zjut:0aGD
-X-Hashcash: 1:22:061024:address@hidden::juw1iXMSKV62mZGj:CBbu
-X-Hashcash: 1:22:061024:address@hidden::SJdQwxRXP39Dw2C4:n6ia
-Date: Tue, 24 Oct 2006 08:43:59 +0200
-In-Reply-To: <address@hidden>
- (Arjen Lenstra's message of "Tue\, 24 Oct 2006 08\:31\:42 +0200")
-Message-ID: <address@hidden>
-User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux)
-MIME-Version: 1.0
-Content-Type: text/plain; charset=iso-8859-1
-Content-Transfer-Encoding: 8bit
-Lines: 80
-Xref: localhost.localdomain rsa-md5:3
-
-"Arjen Lenstra" <address@hidden> writes:
-
-> Hi,
-> Thanks!
-> I can't speak for my coauthors, but it's all fine with me, though I
-> find the year in your proposed copyright statement a bit odd (I
-> would have expected 2006). There are no more authros involved.
-
-Thanks. Duh, I meant 2006, of course. I'd appreciate if Marc and
-Benne also replied.
-
-/Simon
-
-> best regards, Arjen Lenstra
->
-> ----------------
-> Arjen K. Lenstra a k l @ e p f l . c h
-> EPFL IC LACAL
-> INJ 330 (Bâtiment INJ)
-> Station 14
-> CH-1015 Lausanne, Switzerland
-> Tél: + 41 21 693 8101
-> Fax: + 41 21 693 7550
->
->
->
-> -----Original Message-----
-> From: Simon Josefsson [mailto:address@hidden
-> Sent: Tuesday, October 24, 2006 8:28 AM
-> To: Weger, B.M.M. de; address@hidden; Arjen Lenstra
-> Subject: Re: target collisions and colliding certificates with different
identities
->
-> Great work, thanks!
->
-> I'd like to include your certificates in GnuTLS, a TLS implementation
-> that supports X.509, as self-tests of the the certificate verification
-> logic. Is this OK with you?
->
-> Btw, Gnutls rejected the certificates, we already disable MD5 for
-> verification purposes. :)
->
-> For our legal department, I'd like a clarification of the license on
-> the data, would you agree to release the certificates under the
-> following license?
->
-> Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger
->
-> Copying and distribution of this file, with or without modification,
-> are permitted in any medium without royalty provided the copyright
-> notice and this notice are preserved.
->
-> Also, if any other authors contributed, they would have to agree to
-> this license as well. Are there other authors?
->
-> Best regards, and thanks in advance,
-> Simon
->
-> "Weger, B.M.M. de" <address@hidden> writes:
->
->> Hi all,
->>
->> We announce:
->> - an example of a target collision for MD5; this means:
->> for two chosen messages m1 and m2 we have constructed
->> appendages b1 and b2 to make the messages collide
->> under MD5, i.e. MD5(m1||b1) = MD5(m2||b2);
->> said differently: we can cause an MD5 collision for
->> any pair of distinct IHVs;
->> - an example of a pair of valid, unsuspicious X.509
->> certificates with distinct Distinguished Name fields,
->> but identical CA signatures; this example makes use
->> of the target collision.
->>
->> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
->> where the certificates and a more detailed announcement
->> can be found.
->>
->> Marc Stevens
->> Arjen Lenstra
->> Benne de Weger
-Return-Path: <address@hidden>
-Received: from yxa.extundo.com ([unix socket])
- by yxa-iv (Cyrus v2.1.18-IPv6-Debian-2.1.18-1+sarge2) with LMTP; Tue,
24 Oct 2006 09:23:28 +0200
-X-Sieve: CMU Sieve 2.2
-Received: from ipact2.infopact.nl (ipact2.infopact.nl [212.29.160.71])
- by yxa.extundo.com (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id
k9O7NIbh023920
- (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
- for <address@hidden>; Tue, 24 Oct 2006 09:23:22 +0200
-Received: from ipact2.infopact.nl (localhost.localdomain [127.0.0.1])
- by ipact2.infopact.nl (8.13.7/8.13.7) with ESMTP id k9O7NAZd008636
- for <address@hidden>; Tue, 24 Oct 2006 09:23:11 +0200
-Received: (from address@hidden)
- by ipact2.infopact.nl (8.13.7/8.13.7/Submit) id k9O7J939006762
- for <address@hidden>; Tue, 24 Oct 2006 09:19:09 +0200
-Received: from smtp.banaan.org (72-130-ftth.onsnet.nu [88.159.130.72])
- by ipact2.infopact.nl (envelope-sender <address@hidden>) (MIMEDefang)
with ESMTP id k9O7J72W006742; Tue, 24 Oct 2006 09:19:09 +0200 (CEST)
-Received: by smtp.banaan.org (Postfix, from userid 1018)
- id DE1B689D80; Tue, 24 Oct 2006 09:19:06 +0200 (CEST)
-X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on yxa-iv
-X-Spam-Level:
-X-Spam-Status: No, score=-2.5 required=5.0 tests=BAYES_00,FORGED_RCVD_HELO
- autolearn=ham version=3.1.1
-Received: from s478591 (cp688553-a.tilbu1.nb.home.nl [84.24.55.50])
- by smtp.banaan.org (Postfix) with ESMTP id 5EE4889EF9;
- Tue, 24 Oct 2006 09:18:57 +0200 (CEST)
-Message-ID: <address@hidden>
-From: "Marc Stevens" <address@hidden>
-To: "Simon Josefsson" <address@hidden>,
- "Arjen Lenstra" <address@hidden>
-Cc: "Weger, B.M.M. de" <address@hidden>
-References: <address@hidden> <address@hidden>
-Subject: Re: target collisions and colliding certificates with different
identities
-Date: Tue, 24 Oct 2006 09:18:50 +0200
-MIME-Version: 1.0
-Content-Type: text/plain;
- format=flowed;
- charset="iso-8859-1";
- reply-type=original
-Content-Transfer-Encoding: 8bit
-X-Priority: 3
-X-MSMail-Priority: Normal
-X-Mailer: Microsoft Outlook Express 6.00.2900.2869
-X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962
-X-Scanned-By: MIMEDefang - SpamAssassin on 212.29.160.71
-X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on
yxa.extundo.com
-X-Virus-Status: Clean
-Lines: 101
-Xref: localhost.localdomain rsa-md5:4
-
-Hi Simon,
-
-Thanks!
-I am also okay with the proposed license.
-
-Kind regards,
- Marc
-
------ Original Message -----
-From: "Simon Josefsson" <address@hidden>
-To: "Arjen Lenstra" <address@hidden>
-Cc: "Weger, B.M.M. de" <address@hidden>;
-<address@hidden>
-Sent: Tuesday, October 24, 2006 8:43 AM
-Subject: Re: target collisions and colliding certificates with different
-identities
-
-
-> "Arjen Lenstra" <address@hidden> writes:
->
->> Hi,
->> Thanks!
->> I can't speak for my coauthors, but it's all fine with me, though I
->> find the year in your proposed copyright statement a bit odd (I
->> would have expected 2006). There are no more authros involved.
->
-> Thanks. Duh, I meant 2006, of course. I'd appreciate if Marc and
-> Benne also replied.
->
-> /Simon
->
->> best regards, Arjen Lenstra
->>
->> ----------------
->> Arjen K. Lenstra a k l @ e p f l . c h
->> EPFL IC LACAL
->> INJ 330 (Bâtiment INJ)
->> Station 14
->> CH-1015 Lausanne, Switzerland
->> Tél: + 41 21 693 8101
->> Fax: + 41 21 693 7550
->>
->>
->>
->> -----Original Message-----
->> From: Simon Josefsson [mailto:address@hidden
->> Sent: Tuesday, October 24, 2006 8:28 AM
->> To: Weger, B.M.M. de; address@hidden; Arjen Lenstra
->> Subject: Re: target collisions and colliding certificates with different
->> identities
->>
->> Great work, thanks!
->>
->> I'd like to include your certificates in GnuTLS, a TLS implementation
->> that supports X.509, as self-tests of the the certificate verification
->> logic. Is this OK with you?
->>
->> Btw, Gnutls rejected the certificates, we already disable MD5 for
->> verification purposes. :)
->>
->> For our legal department, I'd like a clarification of the license on
->> the data, would you agree to release the certificates under the
->> following license?
->>
->> Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger
->>
->> Copying and distribution of this file, with or without modification,
->> are permitted in any medium without royalty provided the copyright
->> notice and this notice are preserved.
->>
->> Also, if any other authors contributed, they would have to agree to
->> this license as well. Are there other authors?
->>
->> Best regards, and thanks in advance,
->> Simon
->>
->> "Weger, B.M.M. de" <address@hidden> writes:
->>
->>> Hi all,
->>>
->>> We announce:
->>> - an example of a target collision for MD5; this means:
->>> for two chosen messages m1 and m2 we have constructed
->>> appendages b1 and b2 to make the messages collide
->>> under MD5, i.e. MD5(m1||b1) = MD5(m2||b2);
->>> said differently: we can cause an MD5 collision for
->>> any pair of distinct IHVs;
->>> - an example of a pair of valid, unsuspicious X.509
->>> certificates with distinct Distinguished Name fields,
->>> but identical CA signatures; this example makes use
->>> of the target collision.
->>>
->>> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
->>> where the certificates and a more detailed announcement
->>> can be found.
->>>
->>> Marc Stevens
->>> Arjen Lenstra
->>> Benne de Weger
->
-
-Return-Path: <address@hidden>
-Received: from yxa.extundo.com ([unix socket])
- by yxa-iv (Cyrus v2.1.18-IPv6-Debian-2.1.18-1+sarge2) with LMTP; Tue,
24 Oct 2006 10:55:48 +0200
-X-Sieve: CMU Sieve 2.2
-Received: from mailhost.tue.nl (mailhost.tue.nl [131.155.2.19])
- by yxa.extundo.com (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id
k9O8te8O005696
- for <address@hidden>; Tue, 24 Oct 2006 10:55:40 +0200
-Received: from localhost (localhost [127.0.0.1])
- by mailhost.tue.nl (Postfix) with ESMTP id B6C745C297;
- Tue, 24 Oct 2006 10:55:39 +0200 (CEST)
-X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on
yxa.extundo.com
-X-Virus-Scanned: amavisd-new at tue.nl
-Received: from mailhost.tue.nl ([131.155.2.19])
- by localhost (pastinakel.tue.nl [127.0.0.1]) (amavisd-new, port 10024)
- with ESMTP id 84pZYnFvD8HO; Tue, 24 Oct 2006 10:55:39 +0200 (CEST)
-Received: from EXCHANGE3.campus.tue.nl (xserver3.campus.tue.nl [131.155.6.6])
- by mailhost.tue.nl (Postfix) with ESMTP id 1CFE55C293;
- Tue, 24 Oct 2006 10:55:39 +0200 (CEST)
-X-MimeOLE: Produced By Microsoft Exchange V6.5
-Content-class: urn:content-classes:message
-MIME-Version: 1.0
-Content-Type: text/plain;
- charset="iso-8859-1"
-Content-Transfer-Encoding: quoted-printable
-Subject: RE: target collisions and colliding certificates with different
identities
-Date: Tue, 24 Oct 2006 10:55:38 +0200
-Message-ID: <address@hidden>
-In-Reply-To: <address@hidden>
-X-MS-Has-Attach:
-X-MS-TNEF-Correlator:
-Thread-Topic: target collisions and colliding certificates with different
identities
-Thread-Index: Acb3N816trM39dt6Tmef1RZSgSRhMQAEdpog
-From: "Weger, B.M.M. de" <address@hidden>
-To: "Simon Josefsson" <address@hidden>
-Cc: "Stevens, M.M.J." <address@hidden>,
- "Arjen Lenstra" <address@hidden>
-X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham
- version=3.1.1
-X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on yxa-iv
-X-Virus-Status: Clean
-Lines: 123
-Xref: localhost.localdomain rsa-md5:5
-
-Hi Simon,
-
-When your software rejects any MD5 certificate I don't see why
-you would use our colliding ones, doesn't it mean that you'll=20
-have more explaining to do?
-But when you want it this way, it's fine with me too.
-
-Grtz,
-Benne
-
-=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
-=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
-Technische Universiteit Eindhoven
-Coding & Crypto Groep
-Faculteit Wiskunde en Informatica
-Den Dolech 2
-Postbus 513
-5600 MB Eindhoven
-kamer: HG 9.84
-tel.: (040) 247 2704, bgg 5141
-e-mail: address@hidden
-www: http://www.win.tue.nl/~bdeweger
-=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
-=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
-
-
- =20
-
-> -----Original Message-----
-> From: Simon Josefsson [mailto:address@hidden
-> Sent: dinsdag 24 oktober 2006 8:44
-> To: Arjen Lenstra
-> Cc: Weger, B.M.M. de; Stevens, M.M.J.
-> Subject: Re: target collisions and colliding certificates=20
-> with different identities
->=20
-> "Arjen Lenstra" <address@hidden> writes:
->=20
-> > Hi,
-> > Thanks!
-> > I can't speak for my coauthors, but it's all fine with me, though I
-> > find the year in your proposed copyright statement a bit odd (I
-> > would have expected 2006). There are no more authros involved.
->=20
-> Thanks. Duh, I meant 2006, of course. I'd appreciate if Marc and
-> Benne also replied.
->=20
-> /Simon
->=20
-> > best regards, Arjen Lenstra
-> >
-> > ----------------
-> > Arjen K. Lenstra a k l @ e p f l . c h
-> > EPFL IC LACAL
-> > INJ 330 (B=E2timent INJ)
-> > Station 14
-> > CH-1015 Lausanne, Switzerland
-> > T=E9l: + 41 21 693 8101
-> > Fax: + 41 21 693 7550
-> > =20
-> > =20
-> >
-> > -----Original Message-----
-> > From: Simon Josefsson [mailto:address@hidden
-> > Sent: Tuesday, October 24, 2006 8:28 AM
-> > To: Weger, B.M.M. de; address@hidden; Arjen Lenstra
-> > Subject: Re: target collisions and colliding certificates=20
-> with different identities
-> >
-> > Great work, thanks!
-> >
-> > I'd like to include your certificates in GnuTLS, a TLS=20
-> implementation
-> > that supports X.509, as self-tests of the the certificate=20
-> verification
-> > logic. Is this OK with you?
-> >
-> > Btw, Gnutls rejected the certificates, we already disable MD5 for
-> > verification purposes. :)
-> >
-> > For our legal department, I'd like a clarification of the license on
-> > the data, would you agree to release the certificates under the
-> > following license?
-> >
-> > Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra,=20
-> Benne de Weger
-> >
-> > Copying and distribution of this file, with or without=20
-> modification,
-> > are permitted in any medium without royalty provided=20
-> the copyright
-> > notice and this notice are preserved.
-> >
-> > Also, if any other authors contributed, they would have to agree to
-> > this license as well. Are there other authors?
-> >
-> > Best regards, and thanks in advance,
-> > Simon
-> >
-> > "Weger, B.M.M. de" <address@hidden> writes:
-> >
-> >> Hi all,
-> >>
-> >> We announce:
-> >> - an example of a target collision for MD5; this means:=20
-> >> for two chosen messages m1 and m2 we have constructed=20
-> >> appendages b1 and b2 to make the messages collide=20
-> >> under MD5, i.e. MD5(m1||b1) =3D MD5(m2||b2);
-> >> said differently: we can cause an MD5 collision for=20
-> >> any pair of distinct IHVs;
-> >> - an example of a pair of valid, unsuspicious X.509=20
-> >> certificates with distinct Distinguished Name fields,=20
-> >> but identical CA signatures; this example makes use=20
-> >> of the target collision.
-> >>
-> >> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
-> >> where the certificates and a more detailed announcement=20
-> >> can be found.
-> >>
-> >> Marc Stevens
-> >> Arjen Lenstra
-> >> Benne de Weger
->=20
diff --git a/tests/userid/userid.pem b/tests/userid/userid.pem
index bfe1bb5..be1e5ac 100644
--- a/tests/userid/userid.pem
+++ b/tests/userid/userid.pem
@@ -1,17 +1,19 @@
-This file contains a X.509 certificate with a UID field, encoded as an
-IA5String rather than DirectoryString (i.e., TeletexString,
-PrintableString, UniversalString, UTF8String, or BMPString) which is
-the correct approach. For compatibility, it seems good to make sure
-that newer versions of GnuTLS continue to be able to read such
-certificates. Thanks to Max Kellermann <address@hidden> who reported
-this problem to address@hidden, see Message-ID:
-<address@hidden>.
-
- Copyright (c) 2006 Simon Josefsson
-
- Copying and distribution of this file, with or without modification,
- are permitted in any medium without royalty provided the copyright
- notice and this notice are preserved.
+# This file contains a X.509 certificate with a UID field, encoded as
+# an IA5String rather than DirectoryString (i.e., TeletexString,
+# PrintableString, UniversalString, UTF8String, or BMPString) which is
+# the correct approach. For compatibility, it seems good to make sure
+# that newer versions of GnuTLS continue to be able to read such
+# certificates.
+
+# Thanks to Max Kellermann <address@hidden> who reported this problem
+# to address@hidden, see Message-ID:
+# <address@hidden>.
+
+# Copyright (C) 2006, 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
+#
+# Copying and distribution of this file, with or without modification,
+# are permitted in any medium without royalty provided the copyright
+# notice and this notice are preserved.
X.509 certificate info:
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_2_9_9-93-g3291383,
Simon Josefsson <=