Updating SSL keys on fedoraproject.org 2011-03-10
Till Maas
opensource at till.name
Fri Mar 11 19:22:55 UTC 2011
On Fri, Mar 11, 2011 at 08:44:55AM -0600, Chris Adams wrote:
> Once upon a time, Petr Pisar <ppisar at redhat.com> said:
> > This year? In Europe we are over. All quallified CA's are forbiden to
> > issue SHA-1 certificates since begin of 2010.
>
> Cite? https://europa.eu/ uses SHA-1 on a cert issued in February 2010.
> Of course, they also haven't disabled the weak SSL ciphers, so it's hard
> to claim high security.
I assume he meant since Januar 2011. This is at least the official
statement for Germany:
http://www.bundesnetzagentur.de/DE/Sachgebiete/QES/Veroeffentlichungen/Algorithmen/algorithmen_node.html
http://www.bundesnetzagentur.de/cae/servlet/contentblob/192414/publicationFile/10008/2011AlgoKatpdf.pdf
The relevant pages in the PDF document are pages 3 and 4, especially the
table on page 4.
Regards
Till
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20110311/27447e33/attachment.bin
More information about the devel
mailing list