[flagged]
replyIf you can't tell the difference between MD5 and SHA-256, you should not be making claims such as the one in the title.
replyedited to clarify, thanks for pointing it out. It wouldn't be responsible for us to only publish when we got to the same stage for SHA-256, since at that point TLS and other certificates would be considered compromised.
reply> Great question, and you're right to be skeptical.
replyHi Claude! You're absolutely right!
Got the same vibe from reading that sentence, reading AI replies on HN is so annoying…
reply> You can use literally any MD5 tool
reply> Our certificates implement the full SHA-256 algorithm
We knew MD5 is broken. Do you have a POC for breaking SHA-256, too?