[cabfpub] Ballot 118 - SHA1 Sunset

Gervase Markham gerv at mozilla.org
Fri Oct 3 03:24:25 MST 2014


On 03/10/14 10:17, Ryan Sleevi wrote:
> It is worth noting that, according to Microsoft's policies (which, I
> should note, Chrome has also adopted), no SHA-1 certs can be issued by
> members of the root programs. 

By CAs who are members of their root programs? Or by roots which are
trusted by their root programs?

It might be possible to find a root, such as a 1024-bit one, which has
been removed from root programs but is still trusted by the older
browsers which such a scheme would target. Is there anything in
Microsoft's or Google's policies which would prevent us asking a CA with
such a root to issue us a SHA-1 certificate for the purpose of getting
people onto software which supports SHA-256?

> However, I think you perhaps have too rosy a view about how such an
> exemption would play out in practice. If browsers adopt negative UI (as
> Chrome does, and as have both you and other Mozilla developers suggested
> Firefox will/should) for such post-2016 certs, then the ability to
> reasonably enforce such UI is contingent upon believing no CAs will be
> issuing such certs.

Not really. Given that you are putting the UI in now, a row-back later
would not have much immediate effect on the number of people who would
get negative UI. Which would make a change of mind, even if you wanted
one, impossible.

> The situation you describe - which doesn't arise until Jan 2016 -

Yes, indeed. But the de-adoption curves are not looking all that awesome.

> appetite for that. I think it's reasonable that by 2016, if you're still
> running a 15 year old OS, you'll have a bad time. And not just because
> SHA-1, but because SNI, ECDSA, etc.

Right. If we could get people to upgrade, we would.

Gerv


More information about the Public mailing list