On Mon, 27 Feb 2017 01:15:28 -0500, "Patrick W. Gilmore" said: > In the example above, the CA knows the SHA-1 hash of the cert it issued. (We > are assuming there is a CA which still does SHA-1.) How do you get that CA to > believe the two OTHER certs with DIFFERENT hashes you have to create so you > can have two docs with the same hash?
There's only 2 certs. You generate 2 certs with the same hash, and *then* get the CA to sign one of them.
pgp0_PR3wBTEZ.pgp
Description: PGP signature
