
Mozilla mulls early cutoff for SHA-1 digital certificates

Discussion in 'CSO' started by RSS, Oct 21, 2015.


    In light of recent advances in attacks against the SHA-1 cryptographic function, Mozilla is considering banning digital certificates signed with the algorithm sooner than expected.

    The CA/Browser Forum, a group of certificate authorities and browser makers that sets guidelines for the issuance and use of digital certificates, had previously decided that new SHA-1-signed certificates should not be issued after Jan. 1, 2016.

    Browser makers have also decided that existing SHA-1 certificates will no longer be trusted in their software starting Jan. 1, 2017, even if they're technically set to expire after that date.


    On Tuesday, Mozilla announced that it's re-evaluating the cutoff date and is considering the feasibility of pushing it forward by six months, to July 1, 2016. The decision is guided by recent research that improves the practicality of attacks against SHA-1.
