[cabfpub] Mozilla SHA-1 further restrictions

Rob Stradling rob.stradling at comodo.com
Tue Nov 22 11:18:44 UTC 2016


On 21/11/16 19:12, Gervase Markham wrote:
> On 18/11/16 15:27, Rob Stradling wrote:
>> RFC6962 precertificates are X.509 certificates, but 6962-bis
>> precertificates are CMS signed-data objects.
>>
>> See
>> https://tools.ietf.org/id/draft-ietf-trans-rfc6962-bis-20.html#rfc.section.3.2
>>
>> Does that make them "non-certificate data" ?
>
> Hang on... why would someone be signing one of these using SHA-1?

1. Sometimes CAs make mistakes.  Perhaps you've noticed.  ;-)

2. RFC6962 is geared towards the WebPKI, but I heard that at least one 
CA (WoSign) was planning to submit all code signing certs and client 
certs to public CT logs too.

3. It's not impossible that there are private RFC6962 deployments 
outside the WebPKI.

> SHA-1 use in the WebPKI is banned.

Indeed.

Regardless of any of the above, I think it's always a good idea to 
categorize things as clearly as possible.

-- 
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online



More information about the Public mailing list