[Mono-dev] Proposal: Change SignCode default from MD5 to SHA1
Eric Lawrence
bayden at gmail.com
Tue Dec 15 19:00:12 UTC 2015
(resend, as Miguel suggested I should join the list)
Today, the signcode application distributed with Mono defaults to using MD5
for Authenticode signing. This has resulted in vulnerable signatures on at
least two broadly distributed projects (CoPilot and WordPress Desktop; see
http://textslashplain.com/2015/12/15/hashes-and-code-signing/).
MD5 signatures are dangerous because the collision attacks against MD5 get
better and cheaper with each passing day, and any MD5 signature is
vulnerable to abuse for the lifetime of the signing certificate—the package
WordPress signed last week could be exploited until 11/21/2018 unless
Automattic is willing to revoke their signing certificate before that time
(costly).
SHA1 is considerably stronger than MD5 and signcode already supports it; it
just needs to be made default. The command line argument (-a md5) could be
used for anyone that really needs an MD5 signature for any reason.
Thanks for your consideration!
-Eric Lawrence
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ximian.com/pipermail/mono-devel-list/attachments/20151215/85d919c6/attachment.html>
More information about the Mono-devel-list
mailing list