not
need to support DSA certificates.
Thanks,
Kathleen
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
On 2014-12-22 21:26, Ryan Sleevi wrote:
As part of the transition to BoringSSL, we've chosen to remove DSA
support. The number of well-formed DSA certificates out there was single
digits, so this is not likely to be a large Web Compat issue
My charts (http://roeckx.be/certificates/dsa.png
Symantec supports customer choice in algorithm selection and we have customers
that take advantage of that choice today. Whether to support organizational
policies that require the use of DSA or to provide an alternative to RSA in the
event that any vulnerabilities in that algorithm are
On Fri, January 9, 2015 12:28 pm, rashmi_tab...@symantec.com wrote:
Symantec supports customer choice in algorithm selection and we have
customers that take advantage of that choice today. Whether to support
organizational policies that require the use of DSA or to provide an
alternative
DSA was the mandatory to implement algorithm originally since that was out
of patent earlier than RSA.
I would like to kill as many unused crypto implementations as possible. The
algorithm might be sound but an implementation that has never been used in
practice is a huge liability.
On Tue,
All,
Should NSS and mozilla::pkix support DSA certificates?
Should we add support for DSA to Mozilla's CA Certificate Policy?
Background:
* Currently there are no DSA roots in the NSS root store.
https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/included
On Mon, December 22, 2014 10:00 am, Kathleen Wilson wrote:
All,
Should NSS and mozilla::pkix support DSA certificates?
Should we add support for DSA to Mozilla's CA Certificate Policy?
Background:
* Currently there are no DSA roots in the NSS root store.
https://www.mozilla.org
On Mon, December 22, 2014 3:16 pm, Peter Gutmann wrote:
Ryan Sleevi ryan-mozdevsecpol...@sleevi.com writes:
DSA certificates are complicated due to parameter inheritance through the
chain - which few get right, but which add ambiguity for path building
and
processing. DSA certificates
8 matches
Mail list logo