[cabfpub] SHA-1 Collision Found
eric at konklone.com
Fri Feb 24 04:31:17 UTC 2017
On Thu, Feb 23, 2017 at 10:54 PM, Phillip Hallam-Baker via Public <
public at cabforum.org> wrote:
> Things have to break before some people will act. Which is why I consider
> the proposal to further reduce validity intervals to provide more
> procrastination time positively harmful.
To restate this, you're saying that it's better to keep long-lived certs
around, so that the heightened damage their misissuance would do will
increase the motivation of CAs/browsers to deprecate weaker algorithms.
I think that's a very difficult stance to defend. Holding one security
feature hostage to spur support for another doesn't seem likely to produce
security benefits, either in this case or the general case.
> Public mailing list
> Public at cabforum.org
konklone.com | @konklone <https://twitter.com/konklone>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public