Validate that an internet application has made use of a details hash function for its certification
What is the procedure for validating the hash function that was made use of to create an internet applications certification? I ask due to the fact that there evidently has actually been some concern with the MD5 hash function in which a person destructive can phony a certification.
Firefox 3 has all MD5 encryption disabled by default with the exception of RC4/ 128 (filter
about:config by md5)
Lots even more details below : The new MD5/SSL exploit is NOT the end of civilization as we know it