Re: Changing ciphers used by certs generated for web-platform-tests

On Tue, Apr 25, 2017 at 6:28 PM, Josh Matthews <josh@joshmatthews.net> wrote:
> Servo is investigating how plausible it is to remove support for some older
> ciphers listed under "intermediate compatibility" on
> https://wiki.mozilla.org/Security/Server_Side_TLS . We discovered that the
> certs generated by the WPT setup make use of these, so we proposing updating
> that to use a more modern one instead (ECDSA with curve secp521r1). Any
> objections to us upstreaming the changes in
> https://github.com/servo/servo/pull/16535/commits/64ee14ba92d4e8566ce19ecd63804d5d3d4a38e4
> ?

That commit is no longer there, FWIW.

I'm in general fine with this: I think we probably want some
reasonably easy way to generate something supported with more legacy
UAs for when people want to dig into archaeology, though.

Not looked at the code, though, and I leave that to jgraham (I think
he's the only person to have touched it much). :)

/g

Received on Wednesday, 26 April 2017 20:26:38 UTC