theri...@gmail.com
unread,Sep 16, 2016, 11:44:12 AM9/16/16You do not have permission to delete messages in this group
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to mozilla-dev-s...@lists.mozilla.org
Working with a client on "workarounds" for avoiding SHA-1 deprecation on a system they are woefully behind on updating for SHA-256 compatible. They asked/stated that Chrome & probably Firefox were "configurable" in regards to shutting out the trust for SHA-1 SSL/TLS certs. I'm skeptical as I haven't seen anything like that.
Is there any configurability in Firefox regarding this (e.g. from a GPO perspective - Windows environment), or is all the SHA-1 deprecation policy embedded in the Firefox code - to be enforced when that update is pushed out (presumably on/around 1/1/17)? Thanks
Rick