On 29/10/16 22:42, Percy wrote: > However, on the official website > (https://www.wosign.com/about/Why_WoSign.htm) WoSign stated that "沃通是 > 中国唯一一家也是全球唯一一家能签发全球信任的采用国产加密算法(SM2) 的SSL证书和代码签名证书的商业CA。" WoSign is > the only commercial CA in China -- only commercial CA in the world > that can Sign SM2 SSL certs/code signing cert that is globally > trusted.
Well, that statement is either false or very misleading, because in order for an SM2 certificate to be useful "globally", there needs to be wide browser support. I don't know exactly which browsers support SM2, but I know that Firefox, Chrome, Safari, IE and Edge do not. > This means that WoSign is not only signing SM2 certs for testing but > also signing SM2 from the globally trusted roots in production. I > suspect that there are SM2 certs from trusted root WoSign certs used > in the wild. Can you find one? Gerv _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
