Re: Intent to unimplement: proprietary window.crypto functions/properties

> Maybe because the removal wasn't proposed at that time? Now there is a > proposal to remove something that has no working (not even standardized) > successor. Also, people using this stuff are really far away from W3C. Firefox had a competitive advantage in supporting this. It would have been w

SHA-1 roots, OCSP, CRLs and the transition away from SHA-1

This discussion started in the CA/Browser Forum public list; I'm moving it here at Gerv's suggestion. Mozilla recently posted its SHA-1 policy here: https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/. This blog is helpful, but not comple