[cryptography] Malware-signing certs with 512-bit keys

Ondrej Mikle ondrej.mikle at nic.cz
Wed Dec 7 08:17:04 EST 2011


On 12/07/2011 01:30 PM, Peter Gutmann wrote:
> Finally, there are even further 512-bit certs out there, some issued as
> recently as a few months ago.  The A-Data one in the collection below was

It's issued by A-Trust (not A-Data).

The Hongkong Post certs lack EKU extension, but 'key usage' does not 
contain 'digital signature'. That makes them probably unusable for 
Microsoft's code-signing scheme, but I don't know about other 
code-signing implementations.

Ondrej



More information about the cryptography mailing list