[cabfpub] SHA-1 ban via Mozilla policy

philliph at comodo.com philliph at comodo.com
Mon Nov 7 13:19:02 UTC 2016


One point I made there is that it is all very well telling the IoT developers what they should have done after the fact. But we are not telling people what they should be doing instead today.

Probably we should be telling CAs to set up a set of roots specifically for embedded devices which are going to be difficult or impossible to upgrade and for IoT developers to use them.


> On Nov 7, 2016, at 4:53 AM, Gervase Markham via Public <public at cabforum.org> wrote:
> Dear CAB Forum members,
> I just want to draw your attention to a discussion I've just started in
> mozilla.dev.security.policy about a proposed more comprehensive ban on
> SHA-1 use in hierarchies which chain up to Mozilla-trusted roots. Your
> input in that forum is most welcome.
> Gerv
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

More information about the Public mailing list