[cabfpub] A better way to do SHA-1 legacy

Gervase Markham gerv at mozilla.org
Tue Jul 19 06:08:03 MST 2016

On 18/07/16 18:36, philliph at comodo.com wrote:
> Looking at the recent SHA-1 muck up, I am not confident that the
> current approach works. It fails for the same reason that random
> Elliptic Curve parameters fails, there is no mechanism that allows a
> process for generating random numbers to be audited.
> So lets go to the solution we chose for EC - rigid construction. This
> can be made to be auditable.

This seems like a good idea; objections?


More information about the Public mailing list