Stories
Slash Boxes
Comments

SoylentNews is people

Final Warning: Popular Browsers Will Soon Stop Accepting SHA-1 Certificates

posted by CoolHand on Friday November 18 2016, @08:32PM   Printer-friendly
from the CERTainly-time-to-update dept.

MrPlow writes:

Submitted via IRC for TheMightyBuzzard

Starting with Chrome 56, planned to be released to the wider public at the end of January 2017, Google will remove support for SHA-1 certificates.

"The SHA-1 cryptographic hash algorithm first showed signs of weakness over eleven years ago and recent research points to the imminent possibility of attacks that could directly impact the integrity of the Web PKI," Chrome Security team member Andrew Whalley explained.

“Website operators are urged to check for the use of SHA-1 certificates and immediately contact their CA for a SHA-256 [i.e. SHA-2] based replacement if any are found,” he advised.

Certificate Authorities stopped issuing SHA-1 signed SSL/TLS certificates on January 1, 2016, but some of them are still valid.

Source: https://www.helpnetsecurity.com/2016/11/17/browsers-stop-sha-1-certificates/

Original Submission

 
This discussion has been archived. No new comments can be posted.
Final Warning: Popular Browsers Will Soon Stop Accepting SHA-1 Certificates | Log In/Create an Account | Top | 8 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1) by manyon on Saturday November 19 2016, @12:37AM

    by manyon (5835) on Saturday November 19 2016, @12:37AM (#429208)

    popular browser hey, so i'll be okay as i use internet explorer :-)