Roland Shoemaker <[email protected]> wrote: > Let's Encrypt is currently considering moving away from using SHA1 as > the issuer subject/public key hashing function in OCSP responses and > using SHA256 instead. Given a little investigation this seems like a > safe move to make but we wanted to check with the community to see if > anyone was aware of legacy (or contemporary) software issues that may > cause us any trouble.
I'm not sure I understand you correctly, but see: https://bugzilla.mozilla.org/show_bug.cgi?id=966856 https://hg.mozilla.org/mozilla-central/annotate/578899c0b819/security/pkix/lib/pkixocsp.cpp#l717 Cheers, Brian -- https://briansmith.org/ _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
