[cabfpub] SHA1 Deprecation Ballot
Erwann Abalea
erwann.abalea at keynectis.com
Thu Feb 20 10:20:50 UTC 2014
The Microsoft switch also concerns OCSP responses and CRLs.
I think it also concerns intermediate CAs (was it mentioned here?).
--
Erwann ABALEA
Le 19/02/2014 21:01, Ben Wilson a écrit :
>
> I'm not sure whether I've captured it all, but here is a rough draft
> of a possible ballot for the Baseline Requirements.
>
> Effective immediately CAs SHOULD begin migrating away from using the
> SHA-1 hashing algorithm to sign SSL/TLS and code signing certificates.
>
> Beginning January 1, 2016, CAs SHALL NOT use the SHA-1 hashing
> algorithm to sign SSL/TLS or code signing certificates.
>
> Please provide your comments, edits, etc.,
>
> Thanks,
>
> Ben
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140220/b450c872/attachment-0003.html>
More information about the Public
mailing list