On 07/09/17 00:41, Ben Wilson wrote: > We immediately contacted the operators of the issuing CAs and > requested that they replace their OCSP responder certificates with > ones signed with SHA2, and most have done so. However, in drafting > this post I reviewed the Baseline Requirements, section 7.1.3, which > I think is ambiguous and allows SHA1 OCSP Responder Certificates in > some situations. It says, “Effective 1 January 2016, CAs MUST NOT > issue any new Subscriber certificates or Subordinate CA certificates > using the SHA-1 hash algorithm. CAs MAY continue to sign certificates > to verify OCSP responses using SHA1 until 1 January 2017.
I interpret that as saying that if your OCSP responder's signing certificate was created before 1 January 2017, and was signed using SHA-1, you can keep using it until it expires. However, note that Mozilla policy has some additional requirements in this area, notably that SHA-1 certs used to sign OCSP responses must be technically constrained to be only used for OCSP signing. Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
