On Fri, Jan 2, 2009 at 10:44 PM, Dragos Ruiu <d...@kyx.net> wrote: > > On 2-Jan-09, at 6:53 PM, Gadi Evron wrote: >> >> Yes, this is a serious matter, but it hardly has any operational impact to >> speak of for users and none for NSPs. > > Dunno. Last I checked NSPs had web servers too. :-P
so, aside from 'get a re-issued cert signed SHA-1 from an approved CA that's SHA-1 signed as well' what's the recourse for an NSP? -chris
