On 25/03/2019 23:42, Wayne Thayer wrote:
> My general sense is that we should be doing more to discourage the use of
> SHA-1 rather than less. I've just filed an issue [1] to consider a ban on
> SHA-1 S/MIME certificates in the future.
>
> On Mon, Mar 25, 2019 at 10:54 AM Jakob Bohm via dev-securi
My general sense is that we should be doing more to discourage the use of
SHA-1 rather than less. I've just filed an issue [1] to consider a ban on
SHA-1 S/MIME certificates in the future.
On Mon, Mar 25, 2019 at 10:54 AM Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org>
On 23/03/2019 02:03, Wayne Thayer wrote:
> On Fri, Mar 22, 2019 at 6:54 PM Peter Bowen wrote:
>
>>
>>
>> On Fri, Mar 22, 2019 at 11:51 AM Wayne Thayer via dev-security-policy <
>> dev-security-policy@lists.mozilla.org> wrote:
>>
>>> I've been asked if the section 5.1.1 restrictions on SHA-1 issua
On Fri, Mar 22, 2019 at 6:54 PM Peter Bowen wrote:
>
>
> On Fri, Mar 22, 2019 at 11:51 AM Wayne Thayer via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
>> I've been asked if the section 5.1.1 restrictions on SHA-1 issuance apply
>> to timestamping CAs. Specifically, doe
On Fri, Mar 22, 2019 at 11:51 AM Wayne Thayer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> I've been asked if the section 5.1.1 restrictions on SHA-1 issuance apply
> to timestamping CAs. Specifically, does Mozilla policy apply to the
> issuance of a SHA-1 CA certifica
Thanks Andrew and Ryan. I can certainly see the intent to implement a
comprehensive ban on SHA-1 with the "sign SHA-1 hashes" language in section
5.1.1. This implies that section 5.1.1 overrides the scope statement in
section 1.1of our policy.
However, it is also apparent that S/MIME is intentiona
On Fri, Mar 22, 2019 at 4:00 PM Andrew Ayer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On Fri, 22 Mar 2019 12:50:43 -0600
> Wayne Thayer via dev-security-policy
> wrote:
>
> > I've been asked if the section 5.1.1 restrictions on SHA-1 issuance
> > apply to timestamp
On Fri, 22 Mar 2019 12:50:43 -0600
Wayne Thayer via dev-security-policy
wrote:
> I've been asked if the section 5.1.1 restrictions on SHA-1 issuance
> apply to timestamping CAs. Specifically, does Mozilla policy apply to
> the issuance of a SHA-1 CA certificate asserting only the
> timestamping E
GlobalSign concurs.
-Original Message-
From: dev-security-policy On
Behalf Of Wayne Thayer via dev-security-policy
Sent: Friday, March 22, 2019 2:51 PM
To: mozilla-dev-security-policy
Subject: Applicability of SHA-1 Policy to Timestamping CAs
I've been asked if the section 5.1.1 restri
9 matches
Mail list logo