Ian,
Ian G wrote:
Yes, the writing is on the wall for SHA-1 as well, and has been since
2005 or so.
February 2005, here's my blog posts.
https://financialcryptography.com/mt/archives/000374.html
https://financialcryptography.com/mt/archives/000357.html
https://financialcryptography.com/mt/archives/000355.html
So pretty much all vendors should be happy with complete SHA2 coverage
by now. What's Mozilla's state?
NSS / mozilla have supported SHA 2 algorithms for certificate signatures
for 5.5 years. Nelson implemented SHA-2 in NSS version 3.8, which was
released in April 2003 . See
http://www.mozilla.org/projects/security/pki/nss/ for the history, as
well as
http://www.mozilla.org/projects/security/pki/nss/nss-3.8/nss-3.8-release-notes.html
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
