@sleevi_ e.g. Why not detect these UAs and help them get to newer browsers? It would not help all but it would help with many.
-
-
@BRIAN_____@sleevi_@hillbrad@rmhrisk we announced our intention to do this >1yr ago: https://blog.cloudflare.com/cloudflare-and-sha-1-certificates/ …pic.twitter.com/bQutOO2ATU
-
@prdonahue@sleevi_@hillbrad@rmhrisk I think you linked to the wrong blog post, since that one doesn't say anything about your 2016 plans. -
@BRIAN_____@sleevi_@hillbrad@rmhrisk i was referring to the falling back from SHA-2 to SHA-1 in general. yes, no 2016 plans in there. -
@prdonahue@BRIAN_____@sleevi_@hillbrad I am a big CF fan. And you don't report to the CABF but if your plan has been to do LV for a year -
@prdonahue@BRIAN_____@sleevi_@hillbrad it would have been prudent to have that conversation sooner than a days before the year is out. -
@rmhrisk@BRIAN_____@sleevi_@hillbrad fallback plans are old. LV is new idea (matthew+alex discussion) not something we've been sitting on -
@prdonahue what will prevent LV from being used by modern browsers? Special LV policy OID blacklisted by them? -
@selecadm@prdonahue presumption is modern browsers will block SHA1 and any CAs that issue them anyways leaving you with the 37m leftovers. - 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.