Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto/x509: consider removing support for signing with RSA-MD5 #42125

rolandshoemaker opened this issue Oct 21, 2020 · 5 comments


Copy link

@rolandshoemaker rolandshoemaker commented Oct 21, 2020

MD5 is very broken, which is why we don't implement support for verifying certificates that use the RSA-MD5 (MD5WithRSA) signature algorithm. We do still support signing new certificates with RSA-MD5 though, which is not ideal as it introduces some inconsistency around how we handle certificates (i.e. see

Presumably we still provide support because at some point in the past there were still some users of RSA-MD5 certificates, and we're only allowing them to create broken certificates rather than verifying them (and thus relying on them). Unless there are still significant use cases I'd suggest we just completely axe support for this broken signature algorithm, reducing our support burden, and hopefully further dissuading anyone from making a serious mistake in their choice of algorithms.

@rolandshoemaker rolandshoemaker added this to the Backlog milestone Oct 21, 2020
@cagedmantis cagedmantis added the NeedsInvestigation label Oct 21, 2020
@ALTree ALTree added the Proposal-Crypto label Oct 21, 2020
Copy link

@gopherbot gopherbot commented Feb 24, 2021

Change mentions this issue: crypto/x509: disable signing with MD5WithRSA

@FiloSottile FiloSottile modified the milestones: Backlog, Go1.17 Mar 17, 2021
@katiehockman katiehockman removed the Proposal-Crypto label Apr 26, 2021
Copy link

@katiehockman katiehockman commented Apr 26, 2021

Removed Proposal-Crypto label since this doesn't need to go through the proposal committee.

@mknyszek mknyszek modified the milestones: Go1.17, Go1.18 Aug 18, 2021
Copy link

@ianlancetaylor ianlancetaylor commented Nov 16, 2021

@rolandshoemaker This is in the Go 1.18 milestone. What is the status of this for the 1.18 release? Thanks.

Copy link
Member Author

@rolandshoemaker rolandshoemaker commented Nov 17, 2021

We decided to pre-announce this in 1.18, and disable it in 1.19, I've moved it to the right milestone.

@rolandshoemaker rolandshoemaker modified the milestones: Go1.18, Go1.19 Nov 17, 2021
Copy link

@gopherbot gopherbot commented Mar 9, 2022

Change mentions this issue: _content/doc/go1.18: preannounce x509 md5 deprecation

gopherbot pushed a commit to golang/website that referenced this issue Mar 14, 2022
Pre-announce the removal of certificate signing with MD5 and SHA-1
based algs in 1.19.

Updates golang/go#42125

Change-Id: I78784f3182b1d33ce6271621abd6c35cd668d93c
Reviewed-by: Filippo Valsorda <>
Trust: Dmitri Shuralyov <>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet

No branches or pull requests

8 participants