I installed the SSL Blacklist extension for Firefox a while ago when Debian and its derivatives were exposed to a weakness in generating certificates. I just noticed a warning from the extension today on a site I have trusted in the past and that didn’t run afoul of the Debian-specific warning previously.
I clicked through for more information and it turns out that the extension has been updated, without fanfare, to spot SSL certificates that use an MD5-based fingerprint. The info shown when clicking More Info on the warning references the research I mentioned in my last podcast.
From Márton Anka’s (the author of the extension) site:
SSL Blacklist now detects and warns about certificate chains that use the MD5 algorithm for RSA signatures.
An attack has been demonstrated yesterday that highlights the practicality of the well-publicized weaknesses of the MD5 algorithm. Essentially, any certificate signed with the MD5 algorithm may be counterfeit.
The demonstrated attack has two notable prerequisites: the ability to predict information in the prefix blocks of the data, and the present existence of CAs that use MD5-RSA to sign CSRs.
I was just thinking that an extension that simply warned about sites using MD5-based certificates should be well doable and a decent measure to help put pressure on sites and CAs. Looks like I was a week or so late in that thought. Huge thanks to Márton for the original extension and now this valuable update.
On a related note, Verisign has announced they are no longer issuing MD5-based certificates. They are one of the biggies; hopefully the rest of the CAs will soon follow suit.
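The check described in the quoted announcement (warn when a certificate in the chain is signed with MD5-RSA) can be reproduced by reading the signatureAlgorithm OID from each DER-encoded certificate. The Python below is an added example, not code from the SSL Blacklist extension or from the original post. Its function names are hypothetical, and its sample certificates are constructed, certificate-shaped DER with dummy contents.

```python
# DER body of the md5WithRSAEncryption OID, 1.2.840.113549.1.1.4 (RFC 3279)
MD5_RSA = bytes.fromhex("2a864886f70d010104")
SHA256_RSA = bytes.fromhex("2a864886f70d01010b")  # sha256WithRSAEncryption

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the count of length bytes
        n = length & 0x7F
        if not 1 <= n <= 4:
            raise ValueError("unsupported DER length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + length

def signature_oid(cert_der):
    """Raw OID bytes of Certificate.signatureAlgorithm (RFC 5280, 4.1.1.2)."""
    tag, start, _ = read_tlv(cert_der, 0)            # outer Certificate SEQUENCE
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    _, _, tbs_end = read_tlv(cert_der, start)        # skip over tbsCertificate
    tag, alg_start, _ = read_tlv(cert_der, tbs_end)  # AlgorithmIdentifier
    oid_tag, oid_start, oid_end = read_tlv(cert_der, alg_start)
    if tag != 0x30 or oid_tag != 0x06:
        raise ValueError("unexpected signatureAlgorithm encoding")
    return cert_der[oid_start:oid_end]

def md5_signed(chain):
    """Indexes of certificates in chain (list of DER bytes) signed with MD5-RSA."""
    return [i for i, der in enumerate(chain) if signature_oid(der) == MD5_RSA]

def tlv(tag, body):
    """DER-encode one element; used only to build the constructed samples."""
    n = len(body)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + body

def sample_cert(oid, tbs_len):
    """Constructed certificate-shaped DER: dummy tbsCertificate and signature."""
    alg = tlv(0x30, tlv(0x06, oid) + tlv(0x05, b""))
    return tlv(0x30, tlv(0x30, bytes(tbs_len)) + alg + tlv(0x03, bytes(9)))

if __name__ == "__main__":
    chain = [sample_cert(SHA256_RSA, 40), sample_cert(MD5_RSA, 300)]
    print("MD5-RSA signed certificates at chain positions:", md5_signed(chain))
```

To run it against a real chain, pass the DER bytes of each certificate (for example, a PEM body after base64 decoding) to `md5_signed`.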