According to http://se.360.cn/event/gmzb.html, the browser needs to send a http header Accept-Protocal: SM-SSL. Perhaps someone can do an Internet scan against Chinese sites (especially gov) to observe SM2 certs
Percy Alpha(PGP <https://pgp.mit.edu/pks/lookup?op=vindex&search=0xF30D100F7FE124AE>) On Mon, Oct 31, 2016 at 10:54 AM, Han Yuwei <hanyuwe...@gmail.com> wrote: > 在 2016年10月31日星期一 UTC+8下午11:50:46,Gervase Markham写道: > > On 30/10/16 19:47, Han Yuwei wrote: > > > SM2 is widely used in Chinese government websites. There is a openssl > > > branch (https://github.com/guanzhi/GmSSL) who implemented > > > SM2/SM3/SM4. And I don't see any other depolyment in HTTPS. > > > > Right, but my question remains: can you find a site with a WoSign SM2 > > certificate, which chains up to a root Mozilla trusts? > > > > Gerv > > I am sorry that I can't provide such a certificate for I am not involved > in these systems. And I am not likely think there could be a SM2 > certificate because major broswers don't implemented SM2/SM3/SM4 so the > server would only send RSA/ECC certificates. > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy