> Summary of changes: > > - 'Signature Hash Algorithm' will have new drop down list: > md2WithRSAEncryption, md5WithRSAEncryption, sha1WithRSAEncryption, > sha256WithRSAEncryption, sha384WithRSAEncryption, sha512WithRSAEncryption, > ecdsaWithSHA256, ecdsaWithSHA384. ecdsaWithSHA521 > - 'Public Key Algorithm' will have new drop down list: RSA 1024 bits, RSA > 2048 bits, RSA 4096 bits, EC secp256r1, EC secp384r1, EC secp521r1 > - 'Signature Algorithm' & 'Signing Key Parameters' will be deprecated > - 'Certificate ID' a new field will be added and auto populated. It > identifies same logical certificate in different CA Hierarchies. > SHA-256(der(subject) + der(spki)). > - 'Certificate Serial number' new field on root page will be added and auto > populated > - 'CRl URl(s)' will be populated by urls ending with .crl only > - Minor rearrangements of fields will be made to root and intermediate page > layouts > - A batch process will re-run PEM->JSON tool for all intermediate certs and > populate PEM fields > - Another batch process will add PEM info to root certs and all PEM fields > will be populated by the values returned by x509certChecker utility > (PEM->JSON) > - 'Add/Update PEM info' button will be made available to root store managers > who have write-access (currently only Mozilla and Microsoft)
The changes listed above have been completed. > - Reports which use 'Signature Algorithm'/ 'Signing Key Parameters' will show > the new fields instead. > - CSV Reports which use 'Signature Algorithm'/ 'Signing Key Parameters' will > show the new fields instead. The reports are still being updated. Some additional changes to the reports: - Replacing SHA1 Fingerprint with SHA256 Fingerprint - Adding Cert Serial Number and CertID Kathleen _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
