[cabfpub] SHA1 Deprecation Ballot
Rob Stradling
rob.stradling at comodo.com
Thu Mar 13 14:04:15 UTC 2014
On 13/03/14 13:38, Gervase Markham wrote:
> On 13/03/14 12:38, Rob Stradling wrote:
>>> (d) is difficult to patch or replace without substantial economic outlay.
>>
>> As written, I think that if these proposed legacy exceptions apply
>> anywhere, then they apply pretty much everywhere.
>>
>> XP SP2 meets (a), (b) and (d) (where "substantial" means whatever the
>> reader wants it to mean).
>
> It doesn't meet d); you can install SP3 without substantial economic
> outlay.
If you're running a licensed copy of XP SP2, then yes.
If you're running an unlicensed copy of XP SP2, then no. SP3 was when
Windows Genuine Advantage first appeared, IINM, so you would struggle to
upgrade to SP3 without "substantial economic outlay". And where would
you purchase an XP licence from these days anyway?
AIUI, there are _a lot_ of users running XP SP2 for this reason. Yes,
it's illegal and we obviously do not condone it, but (as far as this
proposed ballot is concerned) I would say that these users are still
"Relying Parties" and what they are using is still "software".
> (I assume that Microsoft de-supporting XP doesn't mean that they
> are pulling down all the downloads relating to it.)
I'm not sure that that's a safe assumption.
http://windows.microsoft.com/en-gb/windows/help/what-does-end-of-support-mean
says:
"An unsupported version of Windows will no longer receive software
updates from Windows Update."
Perhaps somebody from Microsoft could clarify?
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
More information about the Public
mailing list