[cabfpub] LV Certificates
Ryan Sleevi
sleevi at google.com
Fri Dec 18 15:24:16 MST 2015
Jeremy,
Is this something DigiCert is endorsing, or are you merely presenting it on
behalf of non-members of the Forum in the effort to find sponsors and
endorsers?
On Fri, Dec 18, 2015 at 2:21 PM, Jeremy Rowley <jeremy.rowley at digicert.com>
wrote:
> Hi everyone,
>
>
>
> Attached is a proposal from Cloudflare and Facebook creating LV
> certificates in the baseline requirements. This is a draft ballot for
> review that will, of course, change based on the debate in the forum.
> Although CAs will stop issuing SHA-1 on 2016/1/1, there isn’t any reason
> these changes couldn’t go into effect in early January (assuming a passing
> vote).
>
>
>
> If adopted, this ballot would permit continued use of SHA1 certificates
> past the deprecation deadline (to support older devices) but give newer
> browsers an easy way to reject SHA1 for users. The ballot also increases
> the resiliency of SHA1 certs against attacks by requiring higher entropy
> serial numbers.
>
>
>
> I look forward to your comments.
>
>
>
> Thanks,
>
> Jeremy
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20151218/8c82e101/attachment.html
More information about the Public
mailing list