What’s to be done?

Paul Hoffman announced the release of the Internet Draft he co-authored with Bruce Schneier, Attacks on Cryptographic Hashes in Internet Protocols. It’s readable, and covers the issues in their typically not-paranoid fashion — unlike some other articles I’ve read (but will not bother to find again).

While it is certainly possible, and at a first glance even probable, that the broken security property will not affect the overall security of many specific Internet protocols, the conservative security approach is to change hash algorithms. The Internet protocol community needs to migrate in an orderly manner away from SHA-1 and MD5 — especially MD5 — and toward more secure hash algorithms.

This document summarizes what is currently known about hash algorithms and the Internet protocols that use them. It also gives advice on how to avoid the currently known problems with MD5 and SHA-1, and what to consider if future predicted attacks become real.