[cabfpub] SHA1 Deprecation Ballot
Gervase Markham
gerv at mozilla.org
Thu Mar 13 14:52:50 UTC 2014
On 13/03/14 00:36, Ben Wilson wrote:
> After discussions earlier today with Doug, here is where I think we were:
This doesn't make sense, because it says "SHA-1 cannot be with validity
> 15 months unless the software will fail to operate if SHA-1 is not
used". But you can use SHA-1 under these rules, you just can't use it
with a validity period > 15 months.
So it should say "SHA-1 cannot be with validity > 15 months unless the
software will fail to operate if the validity is <= 15 months".
Gerv
More information about the Public
mailing list