This article (https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/) states that SHA-1 SSL server certificates will not be trusted after 2017 Jan 01 (updated to 2016 Jun 01 if I remember correctly).
Do you plan to prevent user from using SHA-1 SSL client certificates as well ? If so, what is the expected deadline ? Thanks in advance, Regards, @iansus _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
