@alexstamos @_mwc @BRIAN_____ For example, we can't safely turn off SHA-1 for App Engine hosted apps. That's the world we live in :/
-
-
Replying to @sleevi_
@alexstamos@_mwc@BRIAN_____ No PHP, Python, Perl, or Ruby app can safely turn it off SHA-1 and still talk to the Internet at large.1 reply 0 retweets 3 likes -
Replying to @sleevi_
@alexstamos@_mwc@BRIAN_____ Hopefully that explains more context as to why I'm so vociferously virulent in my opposition :)1 reply 0 retweets 2 likes -
Replying to @sleevi_
@sleevi_@alexstamos@_mwc@BRIAN_____ Server side cert switching also provides a path to support older clients, and still deprecate SHA1.1 reply 0 retweets 1 like -
Replying to @jvehent
@jvehent@alexstamos@_mwc@BRIAN_____ Only really a path for Mozilla, speaking solely of how (new/modern) clients are implemented.2 replies 0 retweets 1 like -
Replying to @sleevi_
@sleevi_@alexstamos@_mwc@BRIAN_____ Why is cert switching not a viable path for {facebook,twitter,google}.com? Modern clients get sha256.2 replies 0 retweets 1 like -
Replying to @jvehent
@sleevi_@alexstamos@_mwc@BRIAN_____ And everyone else who doesn't send a TLS1.2 Hello with sigalg supporting sha256 gets a SHA1 cert.1 reply 0 retweets 1 like
@sleevi_ @jvehent https://www.reddit.com/r/firefox/comments/1kqlys/til_mozilla_prefers_the_abbreviation_fx_over_ff/ …
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.