-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Can someone clarify if the sha1 deprication will apply also to intermediate and or CA certs?
for example; "VeriSign Class 3 Public Primary Certification Authority - G5 Self-signed" a CA cert is SHA1withRSA. Will this cause any issues in the new year? https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-wi th-sha-1-based-signature-algorithms/ I see mention of Intermediate Certs but no mention of CA certs, perhaps because they are already in the client's trust store and so this implication is irrelivant? Kind Regards, Mike _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
