[cabfpub] FW: Ballot - expiration of SHA1 certificates
Gervase Markham
gerv at mozilla.org
Mon Sep 8 05:45:35 MST 2014
On 08/09/14 13:24, Erwann Abalea wrote:
> The problem with SHA1 is its low collision resistance. It's a problem
> with signed objects if the applicant can be hostile (certificate
> request, signed document, timestamp, ...). A subordinate CA, if owned
> and operated by the same entity as the issuing CA, isn't hostile.
A fair point. However, intermediate certificates tend to live longer
than end-entity certificates, so the risk of continued issuance even
without a potentially hostile applicant is more uncertain.
Is there anything which breaks under the new SHA-1 rules which would
_not_ break if it was permitted to issue SHA-256 EE certs from a SHA-1
intermediate?
Gerv
More information about the Public
mailing list