User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0 Build ID: 20160407164938 Steps to reproduce: This is more of a security question that a real bug. This article (https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/) states that SHA-1 SSL server certificates will not be trusted after 2017 Jan 01 (updated to 2016 Jun 01 if I remember correctly). Do you plan to prevent user from using SHA-1 SSL client certificates as well ? If so, what is the expected deadline ? Thanks in advance, Regards, @iansus
This is best suited to a discussion forum such as https://groups.google.com/forum/#!forum/mozilla.dev.security.policy
Status: UNCONFIRMED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.