Paul Hoffman wrote: > > It is indeed. Does Firefox have to rely on XP's CAPI, or could we > provide our own crypto for something as important as this? Will we care > about XP in five years? What if we made the date seven years in order to > take care of the dwindling XP crowd?
Firefox uses its own crypto implementation (the NSS libraries), so Firefox supports SHA-256 today. The issue is CAPI-based applications such as Internet Explorer and Outlook. CAs need to make sure these applications support SHA-256 before they will deploy signatures using SHA-256. Wan-Teh _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto