Author Archives: Sourcerer

Happy new attack!

A few days ago, a group of scientists and security specialists finally succeeded to create a rogue CA that was able to issue certificates that are accepted by all browsers: and The problem underneath are weaknesses that were discovered in the MD5 hash-algorithm.

CAcert has switched from MD5 to SHA-1 for certificate-issueing a few years ago, when the first research results were made public that indicated that such an attack will become feasible. CAcert is currently still using an intermediate CA that was issued with an MD5 based signature 3 years ago. We are currently working to phase out this intermediate CA.

We suggest that all certificates (except for root certificates, which aren’t affected), regardless of which CA has issued them, that were still issued with MD5, be replaced with SHA-1 based certificates within the next 3 months. We also suggest that all company-internal or organisation internal CA’s be checked and switched from MD5 to SHA-1 where necessary. To detect, whether a webserver certificate or any of the intermediate certificates are MD5 based, you can use this Firefox extension:

Happy new year!

heise SSL Guardian

Heise has developed the SSL Guardian tool, which is able to detect compromised server certificates for all Windows applications that are using the CryptoAPI. To secure your windows machine for free, please head over to–/features/111039/

Warning on weak keys and random numbers

Regarding the recently discovered random number vulnerability:

CAcert’s root keys are not affected, since they were created before the bug existed.
CAcert’s internal systems were affected, and are currently being cleaned up.
A lot of our users are affected.
We are currently working on improved methods to detect the vulnerabilities and inform the affected users about them.
In general, digital signatures and certificates are only affected in the case the any of the underlying keys are compromised. Signatures and certificates do not contain any additional random numbers, so they can’t be affected on their own, if the keys are not compromised.

We currently think that the articles in the media hasn’t informed everyone about the whole impact of the problem yet.

The affected distributions contain Debian, Ubuntu, Kubuntu, Knoppix, Grml, and various other Debian based distributions.
Also various embedded systems that are based on Debian are likely affected.

Regarding the applications, OpenSSL, OpenVPN, OpenXPKI, OpenCA, OpenSSH (especially client authorisation keys!), boxbackup and various other software packages are affected.

All systems that are relying on keys that were generated on affected systems are affected.
This means that you should scan all your SuSE, Fedora, Redhat, BSD, … SSH-servers for compromised keys in the authorized keys files of all users, and blacklist the compromised keys accordingly. (And the same for any other services that might rely on the compromised keys.)

If you want to assess the quality of your own random number generator, you can use our free service here:

We are currently developing a X.509 vulnerability detection system, which will be available for all CA’s, to discover similarly compromised keys as early as possible. If you want to participate and help there, please contact us.

Message to all non-Debian-derived vendors: Please ship blacklists and blacklist-detection software in your security updates. (Port ssh-vuln to your distribution, …) And warn your users too, not to rely on compromised keys anymore.

General information about the vulnerability:

SHA1 Collision search

IAIK has started a SHA1 collision search project based on the distributed computing platform BOINC and needs your help:

CeBIT 2007

CAcert will be at the CeBIT 2007 (Hannover, Germany) in hall5 on booth F58/2. Please see for more information, some accomodation is still needed.

DNS outage

Update: We apologize, but there are still problems with our DNS. We still are working on the problem.

Unfortunatley our main DNS provider had an outage today, which caused the website to be unreachable. We are still working on it, but most systems should be working again already. We are sorry for the disruption.

Crete, Greece in need of Assurers this summer

This year, the Hellenic Linux Users Group, is organizing the Linux
Beer Wanderung (Linux Beer Hike), “a week-long event which takes place
in a different European country each summer, drawing together Open
Source software enthusiasts from more than a dozen different countries,
for a combination of talks, presentations, hands-on mini-projects,
outdoor exercise, and good food and drink”. The event is self-funded and
you can find more at

Since Greece is very low on the CAcert horizon, we would really like to
start having things rolling at the LBW. A short survey I made suggests
that there is only one person on the LBW mailing list (from London) that
can give only 35 points but unfortunately will not be joining the event
in Crete this year. Even if 3-4 people that will be coming to the event
get assured by him or someone else, I doubt that we can achieve the
critical mass to get things rolling on their own in Greece.

Anyone interested to help, please contact CAcert.

CAcert at Fosdem 2007

If you live near Belgium, and want to get CAcert assured, please come to Fosdem next weekend.
Both events are free.

See for the lecture schedule and for more information about the CAcert event.

Migration finished

We have good news: The migration has finished successfully.
The bad news is that we had a network outage today due to several broken (and wrongly configured) routers of the telecom, which took us 12 hours in total to fix all of them again.
To improve reliability and availability we are currently planning to add more datacenters for non-core but critical services around the planet. If you are interested to sponsor hosting capacities, please contact us.

Please update your Acrobat Reader Now!

There is a remotely exploitable security vulnerability in Acrobat Reader 7.x :
Please update your Acrobat Reader.