Submitted via IRC for TheMightyBuzzard
"Beginning May 9, 2017, Microsoft released updates to Microsoft Edge and Internet Explorer 11 to block sites that are protected with a SHA-1 certificate from loading and to display an invalid certificate warning," the company announced.
The change, however, impacts only SHA-1 certificates that chain to a root in the Microsoft Trusted Root Program where the end-entity certificate or the issuing intermediate uses SHA-1. This means that enterprises or self-signed SHA-1 certificates won't be affected by this. They are, however, encouraged to migrate to SHA-2 based certificates as fast as possible.
"Microsoft recommends that all customers migrate to SHA-2, and the use of SHA-1 as a hashing algorithm for signing purposes is discouraged and is no longer a best practice. The root cause of the problem is a known weakness of the SHA-1 hashing algorithm that exposes it to collision attacks. Such attacks could allow an attacker to generate additional certificates that have the same digital signature as an original," the company notes.
Source: Microsoft Kills SHA-1 Support in Edge, Internet Explorer 11
(Score: 2) by NotSanguine on Sunday May 14 2017, @04:57AM
Unfortunately, I don't have time for editing; if I could find time for it, I certainly would have volunteered.
Knowing very well I don't have enough time, I preferred to admit it and stay away from editing (rather than over-promise only to under-deliver afterwards).
Perhaps I'm too old-fashioned in the way I approach responsibilities.
If you don't like how things are done, yet are unable (or unwilling) to help make things better, perhaps you shouldn't complain about those who are making things better for you by keeping this site going.
Just a crazy thought. Carry on.
No, no, you're not thinking; you're just being logical. --Niels Bohr