Encrypt As We Say, Not As We Do: The NSA and SHA-1 Certs

As Bruce Schneier and others have reported, your friends at the National Security Agency’s Information Assurance Directorate (IAD) recently issued a FAQ regarding their new Commercial National Security Algorithm Suite, intended to future-proof national security systems against the looming threat of quantum computing. Among their recommendations is the use of SHA-384 to sign certificates (a step up from SHA-2, the current industry standard).

One small issue with the IAD’s link to their FAQ – it throws this message when clicked:

A quick check at SSLShopper shows that the certificate for iad.gov uses an obsolete (and dangerous) SHA-1 signature, and apparently has a broken chain of trust to boot – problems serious enough to get red-flagged by all modern browsers.

Further proof, we guess, that security is tough to get perfect – even when you’re a branch of the NSA.

The (insecure-as-of-this-writing) link to the IAD FAQ is here – use at your own risk.
