Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Əgər kömək lazımdırsa lütfən yeni sual verin.

What is the Mozilla Firefox policy concerning SHA-1 Client authentication certificates?

  • 1 cavab
  • 3 have this problem
  • 2 views
  • Last reply by philipp

vazmuten
vazmuten
more options

Hi ! I read "https://blog.mozilla.org/security/2015/10/20/continuing-to-phase-out-sha-1-certificates/" article but my question is what about Client authentication certificates that are issued using SHA-1 like Qualified Certificates issued to clients in order to make client authenticated SSL connection and sign/encrypt/decrypt documents? Are they going to be valid and until when ?

Hi ! I read "https://blog.mozilla.org/security/2015/10/20/continuing-to-phase-out-sha-1-certificates/" article but my question is what about Client authentication certificates that are issued using SHA-1 like Qualified Certificates issued to clients in order to make client authenticated SSL connection and sign/encrypt/decrypt documents? Are they going to be valid and until when ?

Chosen solution

hi, as it is mentioned at the end of the article, please post specific questions about sha-1 deprecation at https://groups.google.com/forum/#!forum/mozilla.dev.security.policy - the developers involved in that decision will read along there but not here in the support forum. thank you for your understanding!

Read this answer in context 👍 3

All Replies (1)

philipp
philipp
  • Moderator
more options

Seçilmiş Həll

hi, as it is mentioned at the end of the article, please post specific questions about sha-1 deprecation at https://groups.google.com/forum/#!forum/mozilla.dev.security.policy - the developers involved in that decision will read along there but not here in the support forum. thank you for your understanding!