[cabfpub] SHA1 options for payment processors

Rob Stradling rob.stradling at comodo.com
Fri Mar 11 14:51:16 UTC 2016

On 11/03/16 01:16, Dean Coclin wrote:
> You misunderstood my point and maybe it was my fault. I wasn't talking about
> SHA-1, rather helping out a CA on an issue specific to that CA .

You're talking about "issues" that are specific to one CA and that can 
only be solved by violating the BRs, right?

https://crt.sh/?caid=6471 has only been active for a few months, so it's 
been in scope for the BRs from day one.  I would expect the Forum to be 
extremely hostile to any future request from Comodo to violate the BRs 
for the benefit of Western Digital!

> Dean
> -----Original Message-----
> From: Rob Stradling [mailto:rob.stradling at comodo.com]
> Sent: Thursday, March 10, 2016 3:05 PM
> To: Dean Coclin <Dean_Coclin at symantec.com>; Ryan Sleevi <sleevi at google.com>
> Cc: CABFPub <public at cabforum.org>
> Subject: Re: [cabfpub] SHA1 options for payment processors
> On 10/03/16 17:30, Dean Coclin wrote:
> <snip>
>> As I said earlier, there are legacy reasons why these are Symantec
>> customers but that shouldn't have a bearing into finding a solution.
>> What if this related to Western Digital customers that are exclusive
>> to Comodo?
> Hi Dean.
> I'm not sure why you picked https://crt.sh/?caid=6471 as an example.
> The intermediate certificate is signed using sha384WithRSAEncryption, and it
> signs end-entity server authentication certificates (that are in scope for
> the BRs) using sha256WithRSAEncryption.
> No SHA-1 involved.  Also, AIUI, web browsers are the intended clients.
> --
> Rob Stradling
> Senior Research & Development Scientist
> COMODO - Creating Trust Online

Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
Office Tel: +44.(0)1274.730505
Office Fax: +44.(0)1274.730909

COMODO CA Limited, Registered in England No. 04058690
Registered Office:
   3rd Floor, 26 Office Village, Exchange Quay,
   Trafford Road, Salford, Manchester M5 3EQ

This e-mail and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to whom they are 
addressed.  If you have received this email in error please notify the 
sender by replying to the e-mail containing this attachment. Replies to 
this email may be monitored by COMODO for operational or business 
reasons. Whilst every endeavour is taken to ensure that e-mails are free 
from viruses, no liability can be accepted and the recipient is 
requested to use their own virus checking software.

More information about the Public mailing list