We used SHA1 and SHA2 in signing algorithm to sign end-entity SMIME certificates. SHA2 is the current practice for new end-entity SMIME certificates. We will be stopping SHA1 ICA usage by the end of 2016 for SMIME. We plan to use a new ICA that has a compliant EKU to issue SMIME certificates by the end of 2016.
Thanks, - Sanjay _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
