Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Blocking access to MD5 signed certs - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Blocking access to MD5 signed certs

A few people have written in regarding the Firefox plugin SSL Blocklist

The tool has been around for a while, but they have added the ability to detect MD5 signed certificates and block access.  It might be a nice addition to the arsenal.  Whilst the address bars in FF and IE do seem to turn green when the site has a SHA signed cert (at least it did for the sites I tested), this might be a bit more obvious. You only get the padlock when the site is MD5 signed.

Mark H


392 Posts
ISC Handler
Jan 2nd 2009
The green doesn't necessarily mean it uses sha1 for hashing the signature, it just means it is an "extended valiadation" cert, though for the money it probably is sha1.

Sign Up for Free or Log In to start participating in the conversation!