No, not exactly. The SHA-1 hashing algorithm still does what it is supposed to do. SHA-1 creates an unpredictable 20 byte “fingerprint” of the data input into the function, in this case a web server certificate. It is the unpredictability of the output that makes cryptographic hash functions so useful. … Continue reading
Yes, it is possible in theory to forge the Web Server Certificate that is used in SSL/TLS communication. This is because the certificate is signed by a certificate authority that your browser trusts using a cryptographic hashing algorithm of a specific length. The hashing algorithms that have been used to… Continue reading
Why didn't someone think of this before? --> Chrome Limits Websites' Access to Private Networks for Security Reasons https://thehackernews.com/2022/01/chrome-limits-websites-access-to.html
https://www.linkedin.com/posts/kennethghartman_sanscloudsec-activity-6872555566418460673-V4dM
