On 15/05/17 14:07, Jakob Bohm wrote: > 1. Microsoft's e-mail clients were very late to accept stronger > signature algorithms for e-mails (including e-mails sent by users of > non-problematic e-mail clients). I believe Globalsign's page about > SHA256-transition for customers provides a nice overview.
Link? Any docs about research people have done into the prevalance of SHA-1 for S/MIME, and which clients don't support SHA-256, would be very useful. Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy