@alexstamos @BRIAN_____ @_mwc Nope. We're only blocking EE certs; can't block intermediates (where the risk is) due to cross-certs & paths
@CopperheadSec @sleevi_ @alexstamos @_mwc Firefox is already doing better than that as of today. See https://www.fxsitecompat.com/en-US/docs/2015/sha-1-based-certificates-with-validity-period-from-2016-will-not-be-validated/ ….
-
-
@BRIAN_____@CopperheadSec Chrome is doing the same. That said, Chrome is generally opposed to soft-UI as its a feel-good anti-pattern -
@sleevi_@CopperheadSec Re: "the same." Are you sure? It seems like Firefox is doing the right thing & Chrome is doing something useless. -
@BRIAN_____ Depends on useless. Discourages SHA-1 EE, doesn't prevent SHA-1 intermediates. FF looks like it only rejects new ints?
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.