On Mon, Jan 4, 2016 at 9:47 AM, Mike Hoye <mh...@mozilla.com> wrote: > On 2016-01-04 12:31 PM, Bobby Holley wrote: > >> By "this sort of software" do you mean "Firefox"? Because that's what 95% >> of our users experiencing this are going to do absent anything clever on >> our end. We clearly need to determine the scale of the problem to determine >> how much time it's worth investing into this. But I think we should assume >> that an affected user is a lost use in this case >> > Is consumer-grade home networking gear on our radar here? Many, many home > APs will self-generate SHA-1 certificates on their first boot after a reset. >
The certificates from those devices aren't valid in any case, because they do not chain to a trust anchor. -Ekr > > - mhoye > > _______________________________________________ > dev-platform mailing list > dev-platform@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-platform > _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
