[cabfpub] SHA-1 Collision Found

Eric Mill eric at konklone.com
Thu Feb 23 21:31:17 MST 2017


On Thu, Feb 23, 2017 at 10:54 PM, Phillip Hallam-Baker via Public <
public at cabforum.org> wrote:

>
> Things have to break before some people will act. Which is why I consider
> the proposal to further reduce validity intervals to provide more
> procrastination time positively harmful.
>

To restate this, you're saying that it's better to keep long-lived certs
around, so that the heightened damage their misissuance would do will
increase the motivation of CAs/browsers to deprecate weaker algorithms.

I think that's a very difficult stance to defend. Holding one security
feature hostage to spur support for another doesn't seem likely to produce
security benefits, either in this case or the general case.

-- Eric




-- 
konklone.com | @konklone <https://twitter.com/konklone>