[cabfpub] SHA-1 Collision Found

Ryan Sleevi sleevi at google.com
Thu Feb 23 20:40:29 MST 2017


On Thu, Feb 23, 2017 at 7:04 PM, philliph at comodo.com <philliph at comodo.com>
wrote:

> If we are to lead, how about doing the obvious and setting a date by which
> servers and browsers are advised to provide support for SHA-3?
>

Hi Phillip,

Could you point me to any IETF documents that describe or specify how CAs
would generate such signatures?

And can you point me to any HSM vendors that CAs might use to ensure that
their private keys are appropriately protected when generating these
signatures?

I look forward to engaging with you on how we can move the industry
forward, and I look forward to opportunities to learn about what efforts
Comodo has put forward in this space, as well as opportunities for how we
as a Forum can work together to address the necessary and obvious concerns
before discussing dates.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20170223/41053471/attachment.html>


More information about the Public mailing list