Autonomous collision attack on OCSP services

Finally finished my paper on issues in OCSP protocol and got it published on arXiv.org.

The most surprising outcome of the research was the fact that the majority of OCSP services are still using SHA-1 algorithm for calculating their signatures. Taking into account the importance of the role that OCSP responders play in trust environments, this might make them an attractive attack surface.