27 Feb
2017
27 Feb
'17
4:14 a.m.
On Mon, 27 Feb 2017 01:15:28 -0500, "Patrick W. Gilmore" said:
In the example above, the CA knows the SHA-1 hash of the cert it issued. (We are assuming there is a CA which still does SHA-1.) How do you get that CA to believe the two OTHER certs with DIFFERENT hashes you have to create so you can have two docs with the same hash?
There's only 2 certs. You generate 2 certs with the same hash, and *then* get the CA to sign one of them.