http://www.comodo.com/news/press_releases/08_01_09.htmlThe MD-5 certificate algorithm has been known to be subject to potential compromise since 1996. Recently, a team of security researchers exploited a flaw in the MD-5 hash function, demonstrating the potential to generate bogus certificates that would be trusted by major web browsers. Though there have been no documented attacks arising from this, SSL users are advised to check with their respective certification authorities to determine if their certificates were issued using MD-5, and if so, consider replacing them with more secure alternatives..
If the MD-5 had a potential compromise since mid 1990's why did multimillion dollar companies use it knowing this would of happened?
(Excluding Comodo Of Course)
Jacob
Author