On 03/08/15 19:40, Kathleen Wilson wrote:
> 1) Responses to Action #3 -- SHA-1 Deprecation Plans
Several large CAs have significant outstanding inventory of SHA-1 certs
which are valid beyond 2017 and have no plans to revoke them. This is
fine in that there is no requirement to revoke them (AIUI), but it does
show that SHA-1 deprecation needs to be driven by browser UI, as it is
not going to be driven by CAs.
> 3) Responses to Action #5 -- IPv6 survey
It seems like the largest commercial CAs are all either on board (well
done Comodo and GlobalSign) or coming on board (GoDaddy, Symantec,
others). However, there is still a long tail of CAs with no plans for
implementation.
It would be great if these reports could be tweaked to include a Totals
row at the top (i.e. just under the heading) as well as at the bottom.
Gerv