I see that CAs are now giving the option of having the root CA cert signed with SHA2. I have been told that the hashing function in a root has no security value, and is irrelevant as far as a collision vulnerability because the cert lives in the trust store of the host system, so it requires no verification, and faking one would be pointless in that respect. So why are CAs now giving this option? Is this a security measure in case the CA itself is compromised to prevent attackers from issuing fraudulent certs?
Risk management in Information Security today: Every day, information security professionals are bombarded with marketing messages around risk and threat management, fostering an environment in which objectives seem clear: manage risk, manage threat, stop attacks, identify attackers. These objectives aren't wrong, but they are fundamentally misleading. In this session we'll examine the state of the information security industry in order to understand how the current climate fails to address the true needs of the business. We'll use those lessons as a foundation...