diff options
| author | Simon Josefsson <simon@josefsson.org> | 2005-11-01 21:05:14 +0000 |
|---|---|---|
| committer | Simon Josefsson <simon@josefsson.org> | 2005-11-01 21:05:14 +0000 |
| commit | 5c20cfc51dc05050f808489b9337c1021db163eb (patch) | |
| tree | 45f39a11f09efe07241d0ce56fc263f1b8d99d79 | |
| parent | 4504a0b1ffdcaef7540dc303ce3ea94cf95f6845 (diff) | |
| download | gnutls-5c20cfc51dc05050f808489b9337c1021db163eb.tar.gz | |
Fix.
| -rw-r--r-- | doc/signatures.texi | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/doc/signatures.texi b/doc/signatures.texi index 4ffbf8213c..db24f93a1a 100644 --- a/doc/signatures.texi +++ b/doc/signatures.texi @@ -83,7 +83,9 @@ First, it is important to know that you do not have to enable any of the flags discussed here to be able to use trusted root CA certificates signed using @code{RSA-MD2} or @code{RSA-MD5}. The only attack today is that it is possible to generate certificates with -colliding signatures; you cannot forge signatures. +colliding signatures (collision resistance); you cannot generate a +certificate that has the same signature as an already existing +signature (2nd preimage resistance). If you are using @ref{gnutls_certificate_verify_peers2} to verify the certificate chain, you can call |