[cabfpub] Microsoft Proposed Updates to the SHA-1 Deprecation Timeline

Ryan Sleevi sleevi at google.com
Thu Oct 29 17:56:27 UTC 2015

On Oct 29, 2015 10:51 AM, "Wayne Thayer" <wthayer at godaddy.com> wrote:
> 8 bytes of entropy in the serialNumber field has been a requirement of
Microsoft’s root program since 2013:

And yet a number of notable CAs have been failing that policy for some time.

As it is, it isn't an audited requirement (part of the BRs or
WebTrust/ETSI), nor has it been followed since required (for example, one
large CA is still a month away from complying), so the risk to platforms is
still very real.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20151029/a5494474/attachment-0003.html>

More information about the Public mailing list