On 07/11/2016 15:00, Gervase Markham wrote:
On 07/11/16 13:11, Phillip Hallam-Baker wrote:
...
...
None of the current browser versions support SHA-1.
Yes, they do. They won't as of January 2017.
Since any policy change has no chance of taking effect before that
date, they effectively don't for the purpose of discussing policy
changes.
If digest functions are so important, perhaps the industry should be
focusing on deployment of SHA-3 as a backup in case SHA-2 is found wanting
in the future.
https://yourlogicalfallacyis.com/black-or-white . This is not either/or.
He wasn't claiming that.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
