SHA-1 is a weaker cryptographic hash function and more than 12 years old now. (Time to retire!) All major web browsers have officially announced to SHA-1 Sunset from January, 2017.
- Google (Chrome)
- http://blog.chromium.org/2014/09/gradually-sunsetting-sha-1.html
- https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/2-R4XziFc7A/YO0ZSrX_X4wJ
- Apple (Safari)
- Status unknown. No much news from Apple on this topic but they have added SHA256 from Yosemite release
- Microsoft (Internet Explorer)
- http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx
- http://blogs.technet.com/b/pki/archive/2013/11/12/sha1-deprecation-policy.aspx
- Mozilla (Firefox)
Why I should migrate from SHA-1 to SHA-2 now?
All server certificates that expire on/after 1st January, 2017, and which contain SHA-1-based signatures in the validated chain, will be shown the insecure site notification icon in Google Chrome and similar warning notice in other major browsers, with text indicating that the site will cease working in future versions of the browser. This may affect the brand and reputation of the organization among the customers. (Effect on Google SERP is unclear at this point of time. But Google has given clear indication that HTTPS will be a ranking signal.)Read more about SHA-1 and Future
- SHA-1
- Comparison of Cryptographic Hash Algorithms
No comments:
Post a Comment
Share your comments