I support both of those requirements, so that we can avoid it on a 'problematic practices' side :)
There's a webcompat aspect for deprecation - but requiring RFC-compliant encoding (PKCS#1 v1.5) or 'not stupid' encoding (PSS) is a good thing for the Web :) On Fri, May 19, 2017 at 9:57 AM, Gervase Markham <g...@mozilla.org> wrote: > Brian Smith filed two issues on our Root Store Policy relating to making > specific requirements of the technical content of certificates: > > "Specify allowed PSS parameters" > https://github.com/mozilla/pkipolicy/issues/37 > > "Specify allowed encoding of RSA PKCS#1 1.5 parameters" > https://github.com/mozilla/pkipolicy/issues/38 > > I am not competent to assess these suggestions and the wisdom or > otherwise of putting them into the policy. I also am not able to draft > text for them. Can the Mozilla crypto community opine on these > suggestions, and what the web compat impact might be of enforcing them? > > Gerv > > > -- > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto > -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto