On 03/11/16 18:09, Andrew Ayer wrote: > This is just as bad as signing an actual cert with SHA-1.
Add: https://bugzilla.mozilla.org/show_bug.cgi?id=1315225 (Symantec) Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy