Rick, Long story short, upgrading the www.mozilla.org certificate to SHA-2 was costing them about 145,000 Firefox downloads per week.
Details on the mozilla.org SHA-2 cert can be found here: https://bugzilla.mozilla.org/show_bug.cgi?id=1064387 Chris On 9/24/2014 4:23 PM, Rick Andrews wrote: > Kathleen, why is mozilla.org still using a SHA-1 cert? > _______________________________________________ > dev-security-policy mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
