Interesting. I submitted by original comment with the misconception that it second preimage attacks against MD5 were feasible and were being used by the article. So I see how in the case where you want to defend against collisions (e.g. a malicious certificate signing request), length awareness might not help. I'm not sure if that would apply to a second preimage attack, though.
