[cabfpub] SHA1 Deprecation Ballot

Ben Wilson ben at digicert.com
Wed Feb 19 20:01:34 UTC 2014

I'm not sure whether I've captured it all, but here is a rough draft of a
possible ballot for the Baseline Requirements. 


Effective immediately CAs SHOULD begin migrating away from using the SHA-1
hashing algorithm to sign SSL/TLS and code signing certificates.   


Beginning January 1, 2016, CAs SHALL NOT use the SHA-1 hashing algorithm to
sign SSL/TLS or code signing certificates.


Please provide your comments, edits, etc., 





-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140219/216841d2/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5453 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140219/216841d2/attachment.p7s>

More information about the Public mailing list