(1) The attack is extremely difficult to pull off.
(2) Critical details required to carry it out --- an academic breakthrough in MD5 collision-finding --- were actually withheld, meaning that no "zero-day" occurred.
(3) The "fix" for this attack is for RapidSSL to randomize serials and stop using MD5, both of which will happen; if you believe certificates from before today are vulnerable, that's an even stronger argument for publishing.
(4) The product of the attack was deliberately backdated to 2004 to prevent real-world exploitation.
(5) I may be wrong about this, but --- Ben Laurie himself helped zero-day the RSA signature validation flaw two years ago.
(6) Laurie is calling Arjen Lenstra a moron.