http://arstechnica.com/security/2015/12/sha1-sunset-will-block-millions-from-encrypted-net-facebook-warns/ [arstechnica.com]
SHA1 certificates for secure SSL/TLS communications are deprecated due to known computational vulnerabilities. However, a forced deprecation will lock out many users who are unable to use stronger hashes such as SHA256. However however, if a fallback to SHA1 is provided (as Facebook is proposing), everyone will be vulnerable to SHA1 downgrade man-in-the-middle attacks.