summaryrefslogtreecommitdiffstats
path: root/tests/rsa-md5-collision/README
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--tests/rsa-md5-collision/README622
1 files changed, 622 insertions, 0 deletions
diff --git a/tests/rsa-md5-collision/README b/tests/rsa-md5-collision/README
new file mode 100644
index 0000000..fa5a199
--- /dev/null
+++ b/tests/rsa-md5-collision/README
@@ -0,0 +1,622 @@
+rsa-md5-collision README -- Information about rsa-md5-collision self tests.
+Copyright (C) 2006-2012 Free Software Foundation, Inc.
+See the end for copying conditions.
+
+This directory contains colliding X.509 certificates for different
+identities, from:
+
+http://www.win.tue.nl/hashclash/TargetCollidingCertificates/
+
+The certificates are used by a simple self-test script,
+rsa-md5-collision, that check to make sure that GnuTLS reject both
+certificate chains.
+
+Below is the e-mail exchanges with the authors where they agree to
+release the certificates under a permissive license, that allow the
+files to be included here.
+
+X-Hashcash: 1:22:061024:m.m.j.stevens@student.tue.nl::NIoLZwQj6TTZ4YZK:BUuA
+X-Hashcash: 1:22:061024:arjen.lenstra@epfl.ch::NgTq8sJW1QBlX/rv:g9Z
+From: Simon Josefsson <jas@extundo.com>
+To: "Weger\, B.M.M. de" <b.m.m.d.weger@TUE.nl>, m.m.j.stevens@student.tue.nl, arjen.lenstra@epfl.ch
+Subject: Re: target collisions and colliding certificates with different identities
+References: <DFA3206A564B80499B87B89B49BCD3135DC17A@EXCHANGE3.campus.tue.nl>
+OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
+X-Draft-From: ("gmane.ietf.irtf.cfrg" 784)
+X-Hashcash: 1:22:061024:b.m.m.d.weger@tue.nl::aYYmnRc08nJKaUMk:6ddD
+Date: Tue, 24 Oct 2006 08:28:07 +0200
+In-Reply-To: <DFA3206A564B80499B87B89B49BCD3135DC17A@EXCHANGE3.campus.tue.nl>
+ (B. M. M. de Weger's message of "Mon\, 23 Oct 2006 23\:58\:21 +0200")
+Message-ID: <87ods2grd4.fsf@latte.josefsson.org>
+User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=us-ascii
+Lines: 48
+Xref: localhost.localdomain rsa-md5:1
+
+Great work, thanks!
+
+I'd like to include your certificates in GnuTLS, a TLS implementation
+that supports X.509, as self-tests of the certificate verification
+logic. Is this OK with you?
+
+Btw, Gnutls rejected the certificates, we already disable MD5 for
+verification purposes. :)
+
+For our legal department, I'd like a clarification of the license on
+the data, would you agree to release the certificates under the
+following license?
+
+ Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger
+
+ Copying and distribution of this file, with or without modification,
+ are permitted in any medium without royalty provided the copyright
+ notice and this notice are preserved.
+
+Also, if any other authors contributed, they would have to agree to
+this license as well. Are there other authors?
+
+Best regards, and thanks in advance,
+Simon
+
+"Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> writes:
+
+> Hi all,
+>
+> We announce:
+> - an example of a target collision for MD5; this means:
+> for two chosen messages m1 and m2 we have constructed
+> appendages b1 and b2 to make the messages collide
+> under MD5, i.e. MD5(m1||b1) = MD5(m2||b2);
+> said differently: we can cause an MD5 collision for
+> any pair of distinct IHVs;
+> - an example of a pair of valid, unsuspicious X.509
+> certificates with distinct Distinguished Name fields,
+> but identical CA signatures; this example makes use
+> of the target collision.
+>
+> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
+> where the certificates and a more detailed announcement
+> can be found.
+>
+> Marc Stevens
+> Arjen Lenstra
+> Benne de Weger
+Return-Path: <arjen.lenstra@epfl.ch>
+Received: from yxa.extundo.com ([unix socket])
+ by yxa-iv (Cyrus v2.1.18-IPv6-Debian-2.1.18-1+sarge2) with LMTP; Tue, 24 Oct 2006 08:32:12 +0200
+X-Sieve: CMU Sieve 2.2
+Received: from smtp1.epfl.ch (smtp1.epfl.ch [128.178.50.22])
+ by yxa.extundo.com (8.13.4/8.13.4/Debian-3sarge3) with SMTP id k9O6VvPx016489
+ for <jas@extundo.com>; Tue, 24 Oct 2006 08:31:57 +0200
+Received: (qmail 16665 invoked by uid 107); 24 Oct 2006 06:31:51 -0000
+Received: from mailav1.epfl.ch (128.178.50.190)
+ by smtp1.epfl.ch with SMTP; 24 Oct 2006 06:31:51 -0000
+Received: from (smtp2.epfl.ch [128.178.50.133]) by MAILAV1.epfl.ch with smtp
+ id 3c76_55596730_6329_11db_9dfc_001143d18479;
+ Tue, 24 Oct 2006 08:31:51 +0200
+Received: from rex1.epfl.ch (128.178.50.178)
+ by smtp2.epfl.ch (AngelmatoPhylax SMTP proxy); Tue, 24 Oct 2006 08:31:51 +0200
+X-MimeOLE: Produced By Microsoft Exchange V6.5
+Content-class: urn:content-classes:message
+MIME-Version: 1.0
+Content-Type: text/plain;
+ charset="iso-8859-1"
+Content-Transfer-Encoding: quoted-printable
+Subject: RE: target collisions and colliding certificates with different identities
+Date: Tue, 24 Oct 2006 08:31:42 +0200
+Message-ID: <D449110BB7036C4297225E473599E77067DD0A@rex1.intranet.epfl.ch>
+In-Reply-To: <87ods2grd4.fsf@latte.josefsson.org>
+X-MS-Has-Attach:
+X-MS-TNEF-Correlator:
+Thread-Topic: target collisions and colliding certificates with different identities
+Thread-Index: Acb3NZO8kzaCp7NPSV29z2Ydtt/p5gAAEyEg
+From: "Arjen Lenstra" <arjen.lenstra@epfl.ch>
+To: "Simon Josefsson" <jas@extundo.com>,
+ "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl>,
+ <m.m.j.stevens@student.tue.nl>
+X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham
+ version=3.1.1
+X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on yxa-iv
+X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on yxa.extundo.com
+X-Virus-Status: Clean
+Lines: 75
+Xref: localhost.localdomain rsa-md5:2
+
+Hi,
+Thanks!
+I can't speak for my coauthors, but it's all fine with me, though I find =
+the year in your proposed copyright statement a bit odd (I would have =
+expected 2006). There are no more authros involved.
+
+best regards, Arjen Lenstra
+
+----------------
+Arjen K. Lenstra a k l @ e p f l . c h
+EPFL IC LACAL
+INJ 330 (B=E2timent INJ)
+Station 14
+CH-1015 Lausanne, Switzerland
+T=E9l: + 41 21 693 8101
+Fax: + 41 21 693 7550
+=20
+=20
+
+-----Original Message-----
+From: Simon Josefsson [mailto:jas@extundo.com]=20
+Sent: Tuesday, October 24, 2006 8:28 AM
+To: Weger, B.M.M. de; m.m.j.stevens@student.tue.nl; Arjen Lenstra
+Subject: Re: target collisions and colliding certificates with different =
+identities
+
+Great work, thanks!
+
+I'd like to include your certificates in GnuTLS, a TLS implementation
+that supports X.509, as self-tests of the certificate verification
+logic. Is this OK with you?
+
+Btw, Gnutls rejected the certificates, we already disable MD5 for
+verification purposes. :)
+
+For our legal department, I'd like a clarification of the license on
+the data, would you agree to release the certificates under the
+following license?
+
+ Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger
+
+ Copying and distribution of this file, with or without =
+modification,
+ are permitted in any medium without royalty provided the copyright
+ notice and this notice are preserved.
+
+Also, if any other authors contributed, they would have to agree to
+this license as well. Are there other authors?
+
+Best regards, and thanks in advance,
+Simon
+
+"Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> writes:
+
+> Hi all,
+>
+> We announce:
+> - an example of a target collision for MD5; this means:=20
+> for two chosen messages m1 and m2 we have constructed=20
+> appendages b1 and b2 to make the messages collide=20
+> under MD5, i.e. MD5(m1||b1) =3D MD5(m2||b2);
+> said differently: we can cause an MD5 collision for=20
+> any pair of distinct IHVs;
+> - an example of a pair of valid, unsuspicious X.509=20
+> certificates with distinct Distinguished Name fields,=20
+> but identical CA signatures; this example makes use=20
+> of the target collision.
+>
+> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
+> where the certificates and a more detailed announcement=20
+> can be found.
+>
+> Marc Stevens
+> Arjen Lenstra
+> Benne de Weger
+From: Simon Josefsson <jas@extundo.com>
+To: "Arjen Lenstra" <arjen.lenstra@epfl.ch>
+Cc: "Weger\, B.M.M. de" <b.m.m.d.weger@TUE.nl>, <m.m.j.stevens@student.tue.nl>
+Subject: Re: target collisions and colliding certificates with different identities
+References: <D449110BB7036C4297225E473599E77067DD0A@rex1.intranet.epfl.ch>
+OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
+X-Draft-From: ("nnimap+yxa:INBOX.private.2006.10" 623)
+X-Hashcash: 1:22:061024:b.m.m.d.weger@tue.nl::pMR7JuXUTTt/Zjut:0aGD
+X-Hashcash: 1:22:061024:arjen.lenstra@epfl.ch::juw1iXMSKV62mZGj:CBbu
+X-Hashcash: 1:22:061024:m.m.j.stevens@student.tue.nl::SJdQwxRXP39Dw2C4:n6ia
+Date: Tue, 24 Oct 2006 08:43:59 +0200
+In-Reply-To: <D449110BB7036C4297225E473599E77067DD0A@rex1.intranet.epfl.ch>
+ (Arjen Lenstra's message of "Tue\, 24 Oct 2006 08\:31\:42 +0200")
+Message-ID: <87d58igqmo.fsf@latte.josefsson.org>
+User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=iso-8859-1
+Content-Transfer-Encoding: 8bit
+Lines: 80
+Xref: localhost.localdomain rsa-md5:3
+
+"Arjen Lenstra" <arjen.lenstra@epfl.ch> writes:
+
+> Hi,
+> Thanks!
+> I can't speak for my coauthors, but it's all fine with me, though I
+> find the year in your proposed copyright statement a bit odd (I
+> would have expected 2006). There are no more authros involved.
+
+Thanks. Duh, I meant 2006, of course. I'd appreciate if Marc and
+Benne also replied.
+
+/Simon
+
+> best regards, Arjen Lenstra
+>
+> ----------------
+> Arjen K. Lenstra a k l @ e p f l . c h
+> EPFL IC LACAL
+> INJ 330 (Bâtiment INJ)
+> Station 14
+> CH-1015 Lausanne, Switzerland
+> Tél: + 41 21 693 8101
+> Fax: + 41 21 693 7550
+>
+>
+>
+> -----Original Message-----
+> From: Simon Josefsson [mailto:jas@extundo.com]
+> Sent: Tuesday, October 24, 2006 8:28 AM
+> To: Weger, B.M.M. de; m.m.j.stevens@student.tue.nl; Arjen Lenstra
+> Subject: Re: target collisions and colliding certificates with different identities
+>
+> Great work, thanks!
+>
+> I'd like to include your certificates in GnuTLS, a TLS implementation
+> that supports X.509, as self-tests of the certificate verification
+> logic. Is this OK with you?
+>
+> Btw, Gnutls rejected the certificates, we already disable MD5 for
+> verification purposes. :)
+>
+> For our legal department, I'd like a clarification of the license on
+> the data, would you agree to release the certificates under the
+> following license?
+>
+> Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger
+>
+> Copying and distribution of this file, with or without modification,
+> are permitted in any medium without royalty provided the copyright
+> notice and this notice are preserved.
+>
+> Also, if any other authors contributed, they would have to agree to
+> this license as well. Are there other authors?
+>
+> Best regards, and thanks in advance,
+> Simon
+>
+> "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> writes:
+>
+>> Hi all,
+>>
+>> We announce:
+>> - an example of a target collision for MD5; this means:
+>> for two chosen messages m1 and m2 we have constructed
+>> appendages b1 and b2 to make the messages collide
+>> under MD5, i.e. MD5(m1||b1) = MD5(m2||b2);
+>> said differently: we can cause an MD5 collision for
+>> any pair of distinct IHVs;
+>> - an example of a pair of valid, unsuspicious X.509
+>> certificates with distinct Distinguished Name fields,
+>> but identical CA signatures; this example makes use
+>> of the target collision.
+>>
+>> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
+>> where the certificates and a more detailed announcement
+>> can be found.
+>>
+>> Marc Stevens
+>> Arjen Lenstra
+>> Benne de Weger
+Return-Path: <m.m.j.stevens@student.tue.nl>
+Received: from yxa.extundo.com ([unix socket])
+ by yxa-iv (Cyrus v2.1.18-IPv6-Debian-2.1.18-1+sarge2) with LMTP; Tue, 24 Oct 2006 09:23:28 +0200
+X-Sieve: CMU Sieve 2.2
+Received: from ipact2.infopact.nl (ipact2.infopact.nl [212.29.160.71])
+ by yxa.extundo.com (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id k9O7NIbh023920
+ (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
+ for <jas@extundo.com>; Tue, 24 Oct 2006 09:23:22 +0200
+Received: from ipact2.infopact.nl (localhost.localdomain [127.0.0.1])
+ by ipact2.infopact.nl (8.13.7/8.13.7) with ESMTP id k9O7NAZd008636
+ for <jas@extundo.com>; Tue, 24 Oct 2006 09:23:11 +0200
+Received: (from defang@localhost)
+ by ipact2.infopact.nl (8.13.7/8.13.7/Submit) id k9O7J939006762
+ for <jas@extundo.com>; Tue, 24 Oct 2006 09:19:09 +0200
+Received: from smtp.banaan.org (72-130-ftth.onsnet.nu [88.159.130.72])
+ by ipact2.infopact.nl (envelope-sender <m.m.j.stevens@student.tue.nl>) (MIMEDefang) with ESMTP id k9O7J72W006742; Tue, 24 Oct 2006 09:19:09 +0200 (CEST)
+Received: by smtp.banaan.org (Postfix, from userid 1018)
+ id DE1B689D80; Tue, 24 Oct 2006 09:19:06 +0200 (CEST)
+X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on yxa-iv
+X-Spam-Level:
+X-Spam-Status: No, score=-2.5 required=5.0 tests=BAYES_00,FORGED_RCVD_HELO
+ autolearn=ham version=3.1.1
+Received: from s478591 (cp688553-a.tilbu1.nb.home.nl [84.24.55.50])
+ by smtp.banaan.org (Postfix) with ESMTP id 5EE4889EF9;
+ Tue, 24 Oct 2006 09:18:57 +0200 (CEST)
+Message-ID: <03cf01c6f73c$a8923390$8702a8c0@s478591>
+From: "Marc Stevens" <m.m.j.stevens@student.tue.nl>
+To: "Simon Josefsson" <jas@extundo.com>,
+ "Arjen Lenstra" <arjen.lenstra@epfl.ch>
+Cc: "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl>
+References: <D449110BB7036C4297225E473599E77067DD0A@rex1.intranet.epfl.ch> <87d58igqmo.fsf@latte.josefsson.org>
+Subject: Re: target collisions and colliding certificates with different identities
+Date: Tue, 24 Oct 2006 09:18:50 +0200
+MIME-Version: 1.0
+Content-Type: text/plain;
+ format=flowed;
+ charset="iso-8859-1";
+ reply-type=original
+Content-Transfer-Encoding: 8bit
+X-Priority: 3
+X-MSMail-Priority: Normal
+X-Mailer: Microsoft Outlook Express 6.00.2900.2869
+X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962
+X-Scanned-By: MIMEDefang - SpamAssassin on 212.29.160.71
+X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on yxa.extundo.com
+X-Virus-Status: Clean
+Lines: 101
+Xref: localhost.localdomain rsa-md5:4
+
+Hi Simon,
+
+Thanks!
+I am also okay with the proposed license.
+
+Kind regards,
+ Marc
+
+----- Original Message -----
+From: "Simon Josefsson" <jas@extundo.com>
+To: "Arjen Lenstra" <arjen.lenstra@epfl.ch>
+Cc: "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl>;
+<m.m.j.stevens@student.tue.nl>
+Sent: Tuesday, October 24, 2006 8:43 AM
+Subject: Re: target collisions and colliding certificates with different
+identities
+
+
+> "Arjen Lenstra" <arjen.lenstra@epfl.ch> writes:
+>
+>> Hi,
+>> Thanks!
+>> I can't speak for my coauthors, but it's all fine with me, though I
+>> find the year in your proposed copyright statement a bit odd (I
+>> would have expected 2006). There are no more authros involved.
+>
+> Thanks. Duh, I meant 2006, of course. I'd appreciate if Marc and
+> Benne also replied.
+>
+> /Simon
+>
+>> best regards, Arjen Lenstra
+>>
+>> ----------------
+>> Arjen K. Lenstra a k l @ e p f l . c h
+>> EPFL IC LACAL
+>> INJ 330 (Bâtiment INJ)
+>> Station 14
+>> CH-1015 Lausanne, Switzerland
+>> Tél: + 41 21 693 8101
+>> Fax: + 41 21 693 7550
+>>
+>>
+>>
+>> -----Original Message-----
+>> From: Simon Josefsson [mailto:jas@extundo.com]
+>> Sent: Tuesday, October 24, 2006 8:28 AM
+>> To: Weger, B.M.M. de; m.m.j.stevens@student.tue.nl; Arjen Lenstra
+>> Subject: Re: target collisions and colliding certificates with different
+>> identities
+>>
+>> Great work, thanks!
+>>
+>> I'd like to include your certificates in GnuTLS, a TLS implementation
+>> that supports X.509, as self-tests of the certificate verification
+>> logic. Is this OK with you?
+>>
+>> Btw, Gnutls rejected the certificates, we already disable MD5 for
+>> verification purposes. :)
+>>
+>> For our legal department, I'd like a clarification of the license on
+>> the data, would you agree to release the certificates under the
+>> following license?
+>>
+>> Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger
+>>
+>> Copying and distribution of this file, with or without modification,
+>> are permitted in any medium without royalty provided the copyright
+>> notice and this notice are preserved.
+>>
+>> Also, if any other authors contributed, they would have to agree to
+>> this license as well. Are there other authors?
+>>
+>> Best regards, and thanks in advance,
+>> Simon
+>>
+>> "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> writes:
+>>
+>>> Hi all,
+>>>
+>>> We announce:
+>>> - an example of a target collision for MD5; this means:
+>>> for two chosen messages m1 and m2 we have constructed
+>>> appendages b1 and b2 to make the messages collide
+>>> under MD5, i.e. MD5(m1||b1) = MD5(m2||b2);
+>>> said differently: we can cause an MD5 collision for
+>>> any pair of distinct IHVs;
+>>> - an example of a pair of valid, unsuspicious X.509
+>>> certificates with distinct Distinguished Name fields,
+>>> but identical CA signatures; this example makes use
+>>> of the target collision.
+>>>
+>>> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
+>>> where the certificates and a more detailed announcement
+>>> can be found.
+>>>
+>>> Marc Stevens
+>>> Arjen Lenstra
+>>> Benne de Weger
+>
+
+Return-Path: <b.m.m.d.weger@TUE.nl>
+Received: from yxa.extundo.com ([unix socket])
+ by yxa-iv (Cyrus v2.1.18-IPv6-Debian-2.1.18-1+sarge2) with LMTP; Tue, 24 Oct 2006 10:55:48 +0200
+X-Sieve: CMU Sieve 2.2
+Received: from mailhost.tue.nl (mailhost.tue.nl [131.155.2.19])
+ by yxa.extundo.com (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id k9O8te8O005696
+ for <jas@extundo.com>; Tue, 24 Oct 2006 10:55:40 +0200
+Received: from localhost (localhost [127.0.0.1])
+ by mailhost.tue.nl (Postfix) with ESMTP id B6C745C297;
+ Tue, 24 Oct 2006 10:55:39 +0200 (CEST)
+X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on yxa.extundo.com
+X-Virus-Scanned: amavisd-new at tue.nl
+Received: from mailhost.tue.nl ([131.155.2.19])
+ by localhost (pastinakel.tue.nl [127.0.0.1]) (amavisd-new, port 10024)
+ with ESMTP id 84pZYnFvD8HO; Tue, 24 Oct 2006 10:55:39 +0200 (CEST)
+Received: from EXCHANGE3.campus.tue.nl (xserver3.campus.tue.nl [131.155.6.6])
+ by mailhost.tue.nl (Postfix) with ESMTP id 1CFE55C293;
+ Tue, 24 Oct 2006 10:55:39 +0200 (CEST)
+X-MimeOLE: Produced By Microsoft Exchange V6.5
+Content-class: urn:content-classes:message
+MIME-Version: 1.0
+Content-Type: text/plain;
+ charset="iso-8859-1"
+Content-Transfer-Encoding: quoted-printable
+Subject: RE: target collisions and colliding certificates with different identities
+Date: Tue, 24 Oct 2006 10:55:38 +0200
+Message-ID: <DFA3206A564B80499B87B89B49BCD3135DC263@EXCHANGE3.campus.tue.nl>
+In-Reply-To: <87d58igqmo.fsf@latte.josefsson.org>
+X-MS-Has-Attach:
+X-MS-TNEF-Correlator:
+Thread-Topic: target collisions and colliding certificates with different identities
+Thread-Index: Acb3N816trM39dt6Tmef1RZSgSRhMQAEdpog
+From: "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl>
+To: "Simon Josefsson" <jas@extundo.com>
+Cc: "Stevens, M.M.J." <M.M.J.Stevens@student.tue.nl>,
+ "Arjen Lenstra" <arjen.lenstra@epfl.ch>
+X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham
+ version=3.1.1
+X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on yxa-iv
+X-Virus-Status: Clean
+Lines: 123
+Xref: localhost.localdomain rsa-md5:5
+
+Hi Simon,
+
+When your software rejects any MD5 certificate I don't see why
+you would use our colliding ones, doesn't it mean that you'll=20
+have more explaining to do?
+But when you want it this way, it's fine with me too.
+
+Grtz,
+Benne
+
+=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
+=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
+Technische Universiteit Eindhoven
+Coding & Crypto Groep
+Faculteit Wiskunde en Informatica
+Den Dolech 2
+Postbus 513
+5600 MB Eindhoven
+kamer: HG 9.84
+tel.: (040) 247 2704, bgg 5141
+e-mail: b.m.m.d.weger@tue.nl
+www: http://www.win.tue.nl/~bdeweger
+=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
+=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
+
+
+ =20
+
+> -----Original Message-----
+> From: Simon Josefsson [mailto:jas@extundo.com]=20
+> Sent: dinsdag 24 oktober 2006 8:44
+> To: Arjen Lenstra
+> Cc: Weger, B.M.M. de; Stevens, M.M.J.
+> Subject: Re: target collisions and colliding certificates=20
+> with different identities
+>=20
+> "Arjen Lenstra" <arjen.lenstra@epfl.ch> writes:
+>=20
+> > Hi,
+> > Thanks!
+> > I can't speak for my coauthors, but it's all fine with me, though I
+> > find the year in your proposed copyright statement a bit odd (I
+> > would have expected 2006). There are no more authros involved.
+>=20
+> Thanks. Duh, I meant 2006, of course. I'd appreciate if Marc and
+> Benne also replied.
+>=20
+> /Simon
+>=20
+> > best regards, Arjen Lenstra
+> >
+> > ----------------
+> > Arjen K. Lenstra a k l @ e p f l . c h
+> > EPFL IC LACAL
+> > INJ 330 (B=E2timent INJ)
+> > Station 14
+> > CH-1015 Lausanne, Switzerland
+> > T=E9l: + 41 21 693 8101
+> > Fax: + 41 21 693 7550
+> > =20
+> > =20
+> >
+> > -----Original Message-----
+> > From: Simon Josefsson [mailto:jas@extundo.com]=20
+> > Sent: Tuesday, October 24, 2006 8:28 AM
+> > To: Weger, B.M.M. de; m.m.j.stevens@student.tue.nl; Arjen Lenstra
+> > Subject: Re: target collisions and colliding certificates=20
+> with different identities
+> >
+> > Great work, thanks!
+> >
+> > I'd like to include your certificates in GnuTLS, a TLS=20
+> implementation
+> > that supports X.509, as self-tests of the certificate=20
+> verification
+> > logic. Is this OK with you?
+> >
+> > Btw, Gnutls rejected the certificates, we already disable MD5 for
+> > verification purposes. :)
+> >
+> > For our legal department, I'd like a clarification of the license on
+> > the data, would you agree to release the certificates under the
+> > following license?
+> >
+> > Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra,=20
+> Benne de Weger
+> >
+> > Copying and distribution of this file, with or without=20
+> modification,
+> > are permitted in any medium without royalty provided=20
+> the copyright
+> > notice and this notice are preserved.
+> >
+> > Also, if any other authors contributed, they would have to agree to
+> > this license as well. Are there other authors?
+> >
+> > Best regards, and thanks in advance,
+> > Simon
+> >
+> > "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> writes:
+> >
+> >> Hi all,
+> >>
+> >> We announce:
+> >> - an example of a target collision for MD5; this means:=20
+> >> for two chosen messages m1 and m2 we have constructed=20
+> >> appendages b1 and b2 to make the messages collide=20
+> >> under MD5, i.e. MD5(m1||b1) =3D MD5(m2||b2);
+> >> said differently: we can cause an MD5 collision for=20
+> >> any pair of distinct IHVs;
+> >> - an example of a pair of valid, unsuspicious X.509=20
+> >> certificates with distinct Distinguished Name fields,=20
+> >> but identical CA signatures; this example makes use=20
+> >> of the target collision.
+> >>
+> >> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
+> >> where the certificates and a more detailed announcement=20
+> >> can be found.
+> >>
+> >> Marc Stevens
+> >> Arjen Lenstra
+> >> Benne de Weger
+>=20
+
+----------------------------------------------------------------------
+Copying and distribution of this file, with or without modification,
+are permitted in any medium without royalty provided the copyright
+notice and this notice are preserved.