On Wed, Mar 2, 2016 at 1:25 AM, Yoav Nir <ynir.i...@gmail.com> wrote:
> > > On 2 Mar 2016, at 11:16 AM, Rob Stradling <rob.stradl...@comodo.com> > wrote: > > > > On 02/03/16 09:10, Rob Stradling wrote: > > <snip> > >>> Neither you nor I can post in any of the CA/Browser forum’s lists, > >>> because neither of us has either a browser or a public CA. > >>> > >>> There are some people who are active there and are reading this list, > >>> so they might take such a proposal there. I’m not very optimistic, > >>> though. > >> > >> Please don't give up without even trying! > >> > >> If you have a proposal, I'd be happy to post it to the > >> pub...@cabforum.org list on your behalf. > > > > Oh, somebody else beat me to it: > > > > https://cabforum.org/pipermail/public/2016-March/006910.html > > Right. And the response was that while PSS in in NSS, it’s not in Firefox. > No word on the other browsers out there, and definitely no word on a bunch > of non-browser clients that connect to servers using certificates from the > public CA. > For what it's worth, I expect PSS support to appear in Firefox sometime in the not too distant future, since it's clear we need it for 1.3 and it's not much effort to add it for 1.2 and below. -Ekr I totally understand that the commercial CAs cannot afford to deprecate > PKCS#1 now. It might be prudent to announce some long-term deprecation plan > such as the one for SHA-1 signatures. > > We can hope that by the time the transition is complete RSA will have been > abandoned in favor of ECDSA and/or EDDSA, but I would not bet on it. > > Yoav > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
