W3C home > Mailing lists > Public > public-test-infra@w3.org > April to June 2017

Re: Changing ciphers used by certs generated for web-platform-tests

From: Geoffrey Sneddon <me@gsnedders.com>
Date: Wed, 26 Apr 2017 21:26:03 +0100
Message-ID: <CAHKdfMjT_riy_psLxgA_BLO-j7QGkrb7Kos5H4VQk9JcbZ++ag@mail.gmail.com>
To: Josh Matthews <josh@joshmatthews.net>
Cc: public-test-infra <public-test-infra@w3.org>
On Tue, Apr 25, 2017 at 6:28 PM, Josh Matthews <josh@joshmatthews.net> wrote:
> Servo is investigating how plausible it is to remove support for some older
> ciphers listed under "intermediate compatibility" on
> https://wiki.mozilla.org/Security/Server_Side_TLS . We discovered that the
> certs generated by the WPT setup make use of these, so we proposing updating
> that to use a more modern one instead (ECDSA with curve secp521r1). Any
> objections to us upstreaming the changes in
> https://github.com/servo/servo/pull/16535/commits/64ee14ba92d4e8566ce19ecd63804d5d3d4a38e4
> ?

That commit is no longer there, FWIW.

I'm in general fine with this: I think we probably want some
reasonably easy way to generate something supported with more legacy
UAs for when people want to dig into archaeology, though.

Not looked at the code, though, and I leave that to jgraham (I think
he's the only person to have touched it much). :)

Received on Wednesday, 26 April 2017 20:26:38 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:34:13 UTC