[cabfpub] Revisions to SHA-1 exception process?

Gervase Markham gerv at mozilla.org
Tue Aug 2 09:47:52 UTC 2016

On 02/08/16 03:37, Rick Andrews wrote:
> Symantec applied for, and received, approval from Microsoft, Google,
> Mozilla and Apple to issue seven SHA-1 certificates.

Now that we have gone through the process for the first time, we should
consider how it went and if we can make it both more secure and perhaps
more streamlined in future. Several suggestions were made during the
process for changes; perhaps now is the time for their proponents to
re-state them, with rationale, and we can discuss them.

(When I say "the process", I guess I mean the process documented by
Google, which Mozilla considers a superset of its requirements. I am
assuming that Google is open to discussion of further modifications to
that document in the light of experience; if not, they should please let
us know.)


More information about the Public mailing list