As Bruce Schneier and others have reported, your friends at the National Security Agency’s Information Assurance Directorate (IAD) recently issued a FAQ regarding their new Commercial National Security Algorithm Suite, intended to futureproof national security systems against the looming threat of quantum computing. Among their » Continue Reading.
Google plans to retire SHA-1 certificates – and it may be sooner than anticipated.
SHA-1 certificates are increasingly insecure, so moves by CloudFlare and Facebook to maintain SHA-1 support may seem counter-intuitive. However, both companies make a case that the secure access of millions of users is at stake.
SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function that can convert an arbitrarily long string of data into a digest with a fixed size of 160 bits. This digest is commonly displayed as a 40 character hexadecimal number. The SHA-1 algorithm is now considered insecure. » Continue Reading.
SHA-1 is a cryptographic hash function – an important component of the process that the SSL protocol uses to protect your data. Although SSL certificates using SHA-1 are currently secure, the pace of technological change means that it could be vulnerable in the near future. For » Continue Reading.
The lists below display the path of trust from the root certificate, through the required intermediate certificates (if any) to the server certificate (which is the certificate you purchased from SSL.com) for each SSL.com product we offer.
Microsoft, Google and Mozilla have all announced various plans to stop supporting SHA-1 SSL certificates after January 1, 2017. As a result, SSL.com began issuing SSL certificates using only SHA-2 (aka SHA-256) as the default hashing algorithm starting September 24, 2014. There are no special flags » Continue Reading.
SHA1 SSL Certificates This is a question we get frequently, so we thought we’d put together a page that explains why some testing sites are starting to flag SHA1 as “weak.” Various SSL Labs sites are available that will give you a rundown of what you’re » Continue Reading.
SHA-1 Certificates Expiration The holiday shopping season is quickly approaching, and this is good reason to be concerned about Google’s recent announcement that they will be accelerating the deprecation of SHA-1 certificates. The new policy was announced on August 19. Chrome 39 – due in » Continue Reading.