>> What are the security concerns with SHA-1?
>> When did browser changes to SHA-1 certificates go into effect?
>> How is DigiCert handling the SHA-2 requirement?
>> What do I do if I have a SHA-2 certificate and run into a problem?
>> Will my users have problems if my website is secured with a SHA-2 SSL Certificate?
What are the security concerns with SHA-1?
No hashing algorithm is completely collision resistant. The strength of a hash function’s collision resistance is determined by how difficult it is to find a collision. A collision occurs when an attacker can find two identical hashes from a given hash function. For example, in a successful collision attack, the attacker creates a rogue CA Certificate. Web browsers trust this certificate, and it can now be used to impersonate websites secured with the HTTPS protocol.
As technology advances eventually a hash function’s collision resistance will become weak enough that a move to a stronger hash function becomes necessary. In 2005, a research team from China discovered a collision-resistance property weakness in SHA-1. Since then, the research/cryptology communities’ attacks have improved, and they have predicted that within a few years the cost for gathering the computational power needed to pull off a successful collision attack will become practical.
When did browser changes to SHA-1 certificates go into effect?
As part of their SHA-2 migration plan, Microsoft, Google, and Mozilla announced that they would stop trusting SHA-1 certificates.
Changes to SHA-1 SSL Certificates:
Microsoft, Google, and Mozilla began phasing out trust for SHA-1 certificates in 2016. Here is a historic timeline of those events:
- November 2014 – SHA-1 SSL Certificates expiring any time in 2017 will show a warning in Chrome.
- December 2014 – SHA-1 SSL Certificates expiring after June 1, 2016, will show a warning in Chrome.
- January 2015 – SHA-1 SSL Certificates expiring any time in 2016 will show a warning in Chrome.
- December 2015 – SHA-1 SSL Certificates issued after January 1, 2016, will show the "untrusted connection" error in Firefox.
- January 2016 – SHA-1 SSL Certificates issued after January 1, 2016, will show a certificate error in Chrome.
Certificate criteria: signed with a SHA-1-base signature, issued after January 1, 2016, and chained to a public CA. - January 1, 2017 – Microsoft, Google, and Mozilla will end trust for all SHA-1 SSL Certificates.
Mozilla and Google say it is feasible to move this date up to July 1, 2016, in light of recent attacks on SHA-1.
Microsoft says it is feasible to move this date up to as early as June 2016, in light of recent attacks on SHA-1.
How is DigiCert handling the SHA-2 requirement?
DigiCert is always looking for ways to give our customers the very best experience in SSL. After Microsoft’s announcement, DigiCert did not issue any SHA-1 certificates that expired past 2017 and made SHA-2 the default for all certificates purchased. DigiCert strongly recommends that you accelerate SHA-2 deployment where possible and prepare to fully migrate to SHA-2, if you haven’t already.
What do I do if I have a SHA-2 certificate and run into a problem?
Check with your browser or Operating System manufacturer for updates that add support for SHA-2.
Will my users have problems if my website is secured with a SHA-2 SSL certificate?
All modern browsers support SHA-2 certificates. Users on older browsers are always susceptible to numerous security issues, including SHA-2 compatibility. DigiCert encourages administrators to work with their users on older, less secure systems to update to the latest version.