On Wednesday 08. January 2014 12:33:56 Kurt Roeckx wrote: > I'm not convinced there is a need for the CA certificates themselves to > start using SHA-2. I think the only thing we care about for those is > a preimage attack. SHA-1 still provides 160 bit of security for that. >
Microsoft requires in its SHA1 deprecation policy, to have SHA-2 based intermediate certificates, so it will be a necessity anyway. cheers Mathias
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
