At 2:20 AM -0700 6/6/08, Kyle Hamilton wrote: >The NIST date and EV date are the dates when they should no longer be >used, not 'no longer admitted for use', unless I'm completely >misreading the table on page 66 of the NIST SP800-57.
You are not misreading the table. That's a "do not use after" date. It's the same date NIST says you're supposed to stop using SHA-1. If we have any desire to have Mozilla and/or Thunderbird achieve FIPS 140 compliance, users are going to need to stop using these certs anyhow. See NIST SP 800-113. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto