Security/CryptoEngineering/SHA-1: Difference between revisions

Security/CryptoEngineering/SHA-1 (view source)

2 bytes removed , 1 November 2016

Fix link

122

edits

Revision as of 22:25, 1 November 2016 (view source) Jcjones (talk \| contribs) (Fix formatting) ← Older edit		Revision as of 22:25, 1 November 2016 (view source) Jcjones (talk \| contribs) (Fix link) Newer edit →
Line 1:		Line 1:
	Continuing the plan from the [~~[Phasing Out SHA-1 On The Public Web\|~~https://blog.mozilla.org/security/2016/10/18/phasing-out-sha-1-on-the-public-web/]] blog post:		Continuing the plan from the [https://blog.mozilla.org/security/2016/10/18/phasing-out-sha-1-on-the-public-web/ Phasing Out SHA-1 On The Public Web blog post]:

	One of the challenges we know about is that some of our users are affected by logical network appliances that man-in-the-middle (MITM) all of Firefox's connections. If their MITM appliance uses SHA-1 from a publicly-trusted root, any action we take on SHA-1 will affect all their browsing. Note though that this would also be a violation of the Baseline Requirements, so we really hope we won't see this situation occur.		One of the challenges we know about is that some of our users are affected by logical network appliances that man-in-the-middle (MITM) all of Firefox's connections. If their MITM appliance uses SHA-1 from a publicly-trusted root, any action we take on SHA-1 will affect all their browsing. Note though that this would also be a violation of the Baseline Requirements, so we really hope we won't see this situation occur.