I believe it would cause a problem with legacy systems that don't
understand SHA-256 signatures at all, noting that such systems will
only ever trust SHA-1 (and older) certificates, thus SHA-1 signing can
be limited to cases where the CA chain leading to the certificate
issuer has no SHA-256 signatures and the certificate being checked is
not a known SHA-256 certificate (generating the dynamic rejection
response for a never issued certificate would choose the hash based on
the hash algorithm in the involved intermediary CA certs).
I wonder if Let's Encrypt ever issued SHA-1 certificates, and if any of
those are non-expired. Worst case, I guess there might be only a few
such certificates, all of them Intermediary CA certs (given that LE
only issues TLS, CA and OCSP-signing certificates, and the former have
3 month lifetime).
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.
https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct
+45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded