[cabfpub] CAB Forum Policy Change request

Gervase Markham gerv at mozilla.org
Thu Sep 3 10:45:49 UTC 2015

On 02/09/15 23:06, Rick Andrews wrote:
> We are writing about the SHA-1 deprecation policy that all trusted
> Internet Certification Authorities must comply.  Our specific concern is
> the December 31, 2015 deadline for obtaining SHA-1 server certificates. 

Is AT&T able to say anything about the fields of use for the systems
whose certificates which they are not able to upgrade? Are these systems
facing the open internet which are to be accessed with standard web
browsers? Or are they internal systems to be accessed with standard web
browsers? Or are these certs used in server-to-server communication? Or
all of the above? Or something else?

To put it another way: which root stores (and of what vintage) do the
certs on these machines have to be recognised by?


More information about the Public mailing list