Re: Formalize a SHA-1 deprecation announcement?

On 8/28/14, 8:01 PM, Eric Mill wrote: I hadn't caught the wiki update -- that's terrific! Thanks for pointing it out. I had planned to say something about the change in the wiki page in this discussion forum, but just hadn't gotten around to it yet. So, I appreciated the reminder. I can

Re: Formalize a SHA-1 deprecation announcement?

I concur with Eric. -- Adriano Il 28/08/2014 04:57, Eric Mill ha scritto: Microsoft publicly deprecated SHA-1 as a valid SSL certificate signature algorithm in Nov 2013: http://blogs.technet.com/b/pki/archive/2013/11/12/sha1-deprecation-policy.aspx And just a week ago, Chrome announced their

RE: Formalize a SHA-1 deprecation announcement?

, August 28, 2014 12:53 PM To: mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: Formalize a SHA-1 deprecation announcement? Yep. I recently added the following. Feedback welcome/appreciated. https://wiki.mozilla.org/CA:Problematic_Practices#SHA-1_Certificates == SHA-1 certificates may

Re: Formalize a SHA-1 deprecation announcement?

I hadn't caught the wiki update -- that's terrific! Thanks for pointing it out. I can make an announcement in Mozilla's Security Blog if you all think that is needed. I do think a quick announcement, linking to your wiki page and linking to MS' and Chrome's announcements, would be helpful in