[cabfpub] Mozilla SHA-1 further restrictions

[Gervase Markham]

On 17/11/16 16:44, Andrew Ayer wrote:
> If CAs really have to keep signing attacker-controlled non-certificate
> data with SHA-1,

Perhaps what we need is a collection of use cases?

What do people need to sign which is not a cert?

* OCSP response
* CRL

What else? And what parts of those things could be attacker-controlled?
And how can the risk of signature transfer be mitigated?

Gerv