On 2015-10-21 22:18, s...@gmx.ch wrote:
There was also a plan for certificates with 'notAfter >= 2017-1-1'
(still valid in 2017+).
Chrome already shows a broken https icon for them.
See https://sha1-2017.badssl.com/
This was discussed in https://bugzilla.mozilla.org/show_bug.cgi?id=942515
So my understanding is that with Mozilla's current plan a SHA-1
certificate with NotBefore < 2016-01-01 (and NotAfter >= 2017-01-01)
will not get any "Untrusted Connection".
It would be nice that there was some other indication about SHA-1
certificates other than in the Web Console that nobody will see.
Kurt
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
