Eddy Nigg wrote: > On 01/13/2009 10:15 AM, Rob Stradling: >> Eddy, I do think that the Mozilla CA Certificate Policy should cover >> *all* "actual" problematic practices. In this particular case, I >> think that >> a blacklist of unsupported/non-allowed/not-recommended algorithms >> and/or a >> whitelist of supported/allowed/recommended algorithms would be very >> useful >> information for the CAs. > > Useful yes, up to certain extend. If there is too much information in > the policy, it will start to be problematic. The policy shouldn't be > changed every here and now and I think this is the position Frank > represents too.
Maybe it would be better to point to algorithm recommendations by NIST or similar national organizations? Ciao, Michael. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
