[cabfpub] SHA1 Deprecation Ballot

Erwann Abalea erwann.abalea at keynectis.com
Thu Feb 20 10:20:50 UTC 2014

The Microsoft switch also concerns OCSP responses and CRLs.
I think it also concerns intermediate CAs (was it mentioned here?).


Le 19/02/2014 21:01, Ben Wilson a écrit :
> I'm not sure whether I've captured it all, but here is a rough draft 
> of a possible ballot for the Baseline Requirements.
> Effective immediately CAs SHOULD begin migrating away from using the 
> SHA-1 hashing algorithm to sign SSL/TLS and code signing certificates.
> Beginning January 1, 2016, CAs SHALL NOT use the SHA-1 hashing 
> algorithm to sign SSL/TLS or code signing certificates.
> Please provide your comments, edits, etc.,
> Thanks,
> Ben

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140220/b450c872/attachment-0003.html>

More information about the Public mailing list