Add.

2 files changed, 26 insertions, 2 deletions

diff --git a/NEWS b/NEWS
index 34ac8c9194..567042fcdb 100644
--- a/NEWS
+++ b/NEWS
@@ -5,8 +5,11 @@ See the end for copying conditions.
 
 * Version 1.5.3 (unreleased)
 
-** Add new self-test for RSA-MD5 signature chains.
-Note that we already, since GnuTLS 1.2.9, reject RSA-MD5 signatures.
+** Add new self-test of RSA-MD5 signature chains.
+Note that we already, since GnuTLS 1.2.9, reject RSA-MD5 signatures
+when verifying X.509 chains.  The code is in tests/rsa-md5-collision/
+and is based on the work by Marc Stevens et al, see
+<http://www.win.tue.nl/hashclash/TargetCollidingCertificates/>.
 
 ** Re-factor self tests.
 
diff --git a/tests/rsa-md5-collision/README b/tests/rsa-md5-collision/README
new file mode 100644
index 0000000000..a3b6c8945b
--- /dev/null
+++ b/tests/rsa-md5-collision/README
@@ -0,0 +1,21 @@
+rsa-md5-collision README -- Information about rsa-md5-collision self tests.
+Copyright (C) 2006 Simon Josefsson
+See the end for copying conditions.
+
+This directory contains colliding X.509 certificates for different
+identities, from:
+
+http://www.win.tue.nl/hashclash/TargetCollidingCertificates/
+
+The certificates are used by a simple self-test script,
+rsa-md5-collision, that check to make sure that GnuTLS reject both
+certificate chains.
+
+The file mbox contain mail exchanges with the authors where they agree
+to release the certificates under a permissive license, that allow the
+files to be included here.
+
+----------------------------------------------------------------------
+Copying and distribution of this file, with or without modification,
+are permitted in any medium without royalty provided the copyright
+notice and this notice are preserved.