Deprecate TLS SHA-1 server signatures

[dadrian]

Request for Mozilla Position on an Emerging Web Specification

• Specification Title: Deprecating MD5 and SHA-1 Signature Hashes in TLS 1.2 and DTLS 1.2
• Specification or proposal URL (if available): https://www.rfc-editor.org/rfc/rfc9155.html
• Explainer URL (if available): n/a
• Caniuse.com URL (optional): n/a
• Bugzilla URL (optional):
• Mozillians who can provide input (optional):

Other information

Chrome Status entry: https://chromestatus.com/feature/4832850040324096

This covers:

• Removing SHA1 in server signatures
• Continuing to allow SHA1 in client certificates

Currently:

• SHA1 is already disallowed in server certificates
• As far as we know, no browser supports MD5 in any form in TLS.

[zcorpan]

@valenting @dveditz

[martinthomson]

From the crypto team, we're positive on this. It's pretty hard work to manage the bustage risk, but we've already started work on that.

[zcorpan]

@martinthomson do you think this needs a dashboard entry?

[martinthomson]

I should have said that this doesn't need an entry. I'll close it now on that basis.