On 03/30/16 20:53, Jeremy Rowley wrote: > I think a required move away from SHA1 client certs requires a bit > more planning. > > 1) There hasn't been a formal deprecation of all SHA-1 certificates > in any root store policy. There has been a formal deprecation by the > CAB Forum of SHA1 server certificates. Considering many of the client > cert issuance is governed by various national schemes (FBCA in the US > and the Qualified Cert program in the EU), care is necessary in > enacting policies that impact the use of client certificates. > Although I recognize the need for Mozilla to ensure a safe onine > experience for all its users, I'm sure they don't want to undermine > entire trust frameworks built on these certificates. (Yes, I know > FBCA requires SHA2 now).
Is issuing non-SHA-1 certificates proscribed by any of these national schemes? Have any of these national schemes not contemplated a transition away from SHA-1 for many years? > 2) The browsers are already deploying code to reject SHA1 > certificates encountered. If this is true, what is the harm in > continued SHA1 client certificate issuance until the national schemes > have all updated their requirements? Mozilla is protected but the > national bodies (and financial institutions) can continue using their > software for client authentication. I do think we should move to > SHA2, but I don't think the prior notice has occurred with respect to > SHA1 client certs. I'd guess that many non-browser users (e.g. curl/wget on many Linux distros) of Mozilla's root store will continue to accept SHA-1 server certificates and/or OCSP responses for quite a while after Mozilla's browsers start rejecting them. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
