On Tue, Apr 19, 2016 at 12:08:21PM -0700, [email protected] wrote:
> On Friday, 15 April 2016 20:26:39 UTC+3, Richard Barnes wrote:
> > Do you mean SHA-1 for client certificates? For those, the browser isn't
> > the relying party; it would be up to the website to decide whether a SHA-1
> > client certificate is acceptable.
>
> But the browser still needs to "support" the certificates.

All a browser needs to do to "support" a client certificate is send it to the relying party, and use the corresponding private key to do some cryptographic operations. I'm not certain, but I'd be *extremely* surprised if all the cryptographic-level code for "weak" algorithms and key strengths had been forcibly removed from NSS.

> Given the somewhat fragile state of client certificate authentication
> (keygen removal, "x509 UX is ugly" etc), maybe it might be useful to have
> a baseline profile for client certificates as well?

I don't see how your conclusion follows from your axiom. Could you expand somewhat on that?

> What if I used 512 bit RSA keys? MD5? Shall a browser or some other
> client side system intervene? Drawing a reasonable line with reasonable
> dates might be helpful to the community as a whole.

How would it be helpful?

- Matt

_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy

