> It's very well worth the effort, otherwise there's a security issue, because certificates can be forged. No they cannot. What *has* been done is a document was created with "weak spots" and another document was created that changed those weak spots, but the digest was the same. This is a long long long way from creating two certificates with the same digest (and therefore the same signature). -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
