SSL's using MD5 algorithm not secured.

[ssluser]

Hello Everyone,

It has come to my knowledge that SSL certificates that use the MD5 algorithm have been successfully hacked and are vulnerable to attacks. Only Verisign (owners of RapidSSL since 2006) have stated that they have stopped using MD5-signing for RapidSSL certificates, and will have phased out MD5-signing across all their certificate products by the end of January 2009.:news:

 

[webfreak08]

Microsoft also noted that most of the certificate authority vendors that issue digital certificates have abandoned MD5 and upgraded to the more secure SHA-1 algorithm.

http://www.infoworld.com/article/08/12/31/Microsoft_MD5_hack_poses_no_major_threats_to_users_1.html

Your contribution wouldn't have anything to do with your RapidSSL reseller, would it? :rolleyes2

 

[ssluser]

http://www.infoworld.com/article/08/12/31/Microsoft_MD5_hack_poses_no_major_threats_to_users_1.html

Your contribution wouldn't have anything to do with your RapidSSL reseller, would it? :rolleyes2

I am just creating an awareness so that people wanting to purchase SSL for their websites keep this point in their mind. They can purchase Rapidssl and Verisign certificates from anywhere. There are many resellers in market selling Verisign certificates. Also, one more point, If you have purchase your SSL before Jan09, my advice would be to reissue that certificate.