[cabfpub] Question raised during CABF call today

Erwann Abalea erwann.abalea at keynectis.com
Fri Nov 22 15:27:50 UTC 2013

There's no security problem with it, it's only used to produce a 
constant size identifier.


Le 22/11/2013 12:48, Rob Stradling a écrit :
> On 21/11/13 19:10, Geoff Keating wrote:
> <snip>
>> For OCSP, I don't believe we have any plans to change the algorithm used
>> to hash the issuer name and public key in the OCSP request.  I'd be
>> interested in opinions as to whether this is necessary or desirable.
> Please keep using SHA-1 for the issuerNameHash and issuerKeyHash.  Forever!

More information about the Public mailing list