At 1:53 PM -0400 6/2/08, Frank Hecker wrote: > > BTW, I would flag *all* ECC certs with "Cause for further checking" due >> to the very low amount of interop testing that has been done with them. >> Again, not to say "don't do this", just "we want to ask a few questions >> that might start a dialog". > >I haven't made a change for this yet. I think I need a separate >questions relating to the public key scheme used; that would be an >appropriate place to discuss this.
Good call. Quite frankly, even though we all think that RSA-with-SHA256 is a good idea in the long run, I would want to see some interop reports when the first CA puts in a signature with that. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
