Why are there still preinstalled MD2 Root Certs from verisign with FF3,4,5 ?

3 amsoshi
2 sa na da wannan matsala
187 views
Amsa ta ƙarshe daga cor-el

13 shekaru da suka gabata

rootbash

6/7/11, 04:10

Hi,

i added a verisign root certificate in the troubleshooting section. This cert is signed with an md2 hashing algorithm, as mentioned on the 26c3 in berlin 2009.

It's still enabled by default for WEB, Email and other.

I strongly suggest to remove it, like anyone else did.

Interesstingly, the cryto shell extention from windows says sha1 , but openssl does not mention sha1 at all. I think openssl is right :)

Hi, i added a verisign root certificate in the troubleshooting section. This cert is signed with an md2 hashing algorithm, as mentioned on the 26c3 in berlin 2009. It's still enabled by default for WEB, Email and other. I strongly suggest to remove it, like anyone else did. Interesstingly, the cryto shell extention from windows says sha1 , but openssl does not mention sha1 at all. I think openssl is right :)

Answer 1 · 2011-07-06 04:10:30

cor-el

Moderator
Top 10 Contributor

6/7/11, 15:47

See:

Cert Viewer Plus: https://addons.mozilla.org/firefox/addon/1964

Answer 2 · 2011-07-06 04:10:30

rootbash Mai mallakar tambaya

9/7/11, 03:04

Nice tool, but it doesn't answere or help with this problem/question.

Answer 3 · 2011-07-06 04:10:30

cor-el

Moderator
Top 10 Contributor

9/7/11, 08:59

Do those certificates have a SHA1 fingerprint?

I do not think that Firefox will use the MD5 (MD2?) fingerprint if that is the case.

Search Support

Why are there still preinstalled MD2 Root Certs from verisign with FF3,4,5 ?

All Replies (3)

Explore by product

Explore by topic

Browse by product

Browse all forum threads by topic

Get help with

Search Support

Why are there still preinstalled MD2 Root Certs from verisign with FF3,4,5 ?

All Replies (3)