On 21/11/16 20:29, Myers, Kenneth (10421) wrote:
> I've been trying to stay on top of the SHA-1 phase-out discussion but
> lost track. Where did it leave off?
I drafted a potential update to Mozilla's policy which was discussed
here, and has now moved to the CAB Forum public list for f
Hi Gerv,
I've been trying to stay on top of the SHA-1 phase-out discussion but lost
track. Where did it leave off?
I think I saw something of doing a ban at the browser level to not trust the
SHA-1 algorithm. Is this possible?
Kenneth Myers
Manager
+1.571.366.6120 +1.703.299.3046 fax
On 16/11/16 09:08, Kurt Roeckx wrote:
> The other option would be that Firefox adds an option to allow SHA-1 for
> things that are in the trust store but are not in the default trust store.
AIUI, that is going to be the default behaviour.
Gerv
___
On 2016-11-15 18:00, Peter Bowen wrote:
On Tue, Nov 15, 2016 at 7:25 AM, Kurt Roeckx wrote:
- If it's an enterprise root they need to switch to SHA-2
This is a lot easier said than done for many organizations. Depending
on the CA software this might be a small configuration
On Tue, Nov 15, 2016 at 7:25 AM, Kurt Roeckx wrote:
>
> - If it's an enterprise root they need to switch to SHA-2
This is a lot easier said than done for many organizations. Depending
on the CA software this might be a small configuration change or might
involve a very large
On 2016-11-15 16:19, Gervase Markham wrote:
On 15/11/16 12:20, jansomar...@gmail.com wrote:
I would step in to your discussion if you don't mind. My question is
very similar to the original one but in regards to internal usage of
SHA-1 signed certs. We are running large number of network devs
Hello Guys,
I would step in to your discussion if you don't mind. My question is very
similar to the original one but in regards to internal usage of SHA-1 signed
certs. We are running large number of network devs acting as a proxy and users
need to authenticate in order to access some of the
On Wednesday, 12 October 2016 14:50:22 UTC+1, Gervase Markham wrote:
> However, we would counsel all sites to move
> away from SHA-1 as the user experience will be as bad as the security.
A message I've seen from some security vendors, that I don't want us
reinforcing, is the idea that the
Hi Security team,
I have 2 questions which I would be grateful if you can help.
I have seen various posts mentioning that after 1 of January 2017, browsers
will stop support of SHA1 signed CAs. I am looking into a way to identify
which WEB sites will not work until new certificate is applied and
9 matches
Mail list logo