[cabfpub] Application for SHA-1 Issuance

Gervase Markham gerv at mozilla.org
Fri Jul 22 13:35:53 MST 2016


On 22/07/16 18:45, Rick Andrews wrote:
> I appreciate your clarification of Mozilla's stand before you take off.
> Based on the feedback we've received before your guidance, we began the
> process of generating another set of TBSCertificates based on TSYS' existing
> SHA-1 certificates without any random strings in the OU.

Certificates whose contents are entirely predictable or in line with
precedent would also be acceptable; but it seemed like there were
several questions about that floating around, and doing the serial
numbers by strict construction makes them all moot. If you want to try
dealing with all the questions about the contents instead, you are
welcome to try.

I would not normally condition my acceptance on someone else's, but in
these unusual circumstances, to avoid being a stumbling block, I will
condition it on Google's. If they are happy, I'm happy.

Gerv


More information about the Public mailing list