The long-awaited SHA-1 deprecation deadline of Jan. 1, 2017, is almost here. At that point, we’ll all be expected to use SHA-2 instead. So the question is: What is your browser going to do when it encounters a SHA-1 signed digital certificate?

We’ll delve into the answers in a minute. But first, let’s review what the move from SHA-1 to SHA-2 is all about.

Getting from SHA-1 to SHA-2

SHA-1 is a cryptographic hash officially recommended by NIST. It’s used to verify digital content, as well as digital certificates and certificate revocation lists (CRLs). Whenever a PKI certification authority (CA) issues a certificate or CRL, it signs it with a hash to assist “consuming” applications and devices with trust verification. 

To read this article in full or to leave a comment, please click here

Source: Security