[cabfpub] Ballot - expiration of SHA1 certificates

Geoff Keating geoffk at apple.com
Mon Sep 8 22:37:20 UTC 2014


On 8 Sep 2014, at 3:20 pm, Eddy Nigg <eddy_nigg at startcom.org> wrote:

> 
> On 09/09/2014 01:09 AM, Eddy Nigg wrote:
>> 
>> On 09/09/2014 12:58 AM, Rick Andrews wrote:
>>> January 1 brings on a different set of challenges, because we, and many of our customers, impose a deployment freeze at the end of the year.
>> 
>> You can always start earlier if you want :-)
> 
> In this respect I'd like to see the leading web sites to start using SHA2 hashed certificates as proposed in the ballots. 

If you go to https://ssl.apple.com/support/security/ you should see a SHA-256 certificate.  Not all of apple.com is SHA-256, and there may be some difficulty with doing it everywhere, because apple.com is on the upgrade path from Windows XP (to Mac or iPad).

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4103 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140908/03216c47/attachment-0001.p7s>


More information about the Public mailing list