Questions about the SHA-1 and SHA-256 Announcements and Migration

Now that the security industry is moving from SHA-1 to SHA-2, you may have questions concerning SHA-1, SHA-2, or the move to SHA-2.

 
 
Q: Is something wrong with SHA-1?
ANSWER: At this time, SHA-1 is acceptable. However, with the continual increase in computing power the security of SHA-1 will become a concern in the future. DigiCert recommends that you accelerate SHA-2 deployment where possible and prepare to migrate fully to SHA-2.
 
Q: Are there compatibility issues with SHA-2?
ANSWER: 99% of modern browsers and platforms support SHA-2. However, older versions of browsers and operating systems may have compatibility issues.

Many manufactures have added support for SHA-2 through updates or hotfixes. DigiCert strongly recommends that you and your users upgrade to the latest version of browsers and OS platforms to take full advantage of the newest security measures. Continuing to use old browsers or Operating Systems may mean exposing yourself to exploits.

To see a full list of software and hardware that supports SHA-2, see this page.

 
Q: What are the security concerns with SHA-1?
ANSWER: No hashing algorithm is completely collision-resistant. The strength of a hash function’s collision resistance is determined by how difficult it is to find a collision. A collision occurs when an attacker is able to find two identical hashes from a given hash function. For example, in a successful collision attack, the attacker creates a rogue CA Certificate. Web browsers trust this certificate, and it can now be used to impersonate websites secured with the HTTPS protocol.

As technology advances eventually a hash function’s collision resistance will become weak enough that a move to a stronger hash function becomes necessary. In 2005, a research team from China discovered a collision-resistance property weakness in SHA-1. Since then, the research/cryptology communities’ attacks have improved, and they have predicted that within a few years the cost for gathering the computational power needed to pull off a successful collision attack will become practical.

 
Q: When are browser changes to SHA-1 certificates going into effect?
ANSWER:

As part of their SHA-2 migration plan, Microsoft, Google, and Mozilla have announced that they will stop trusting SHA-1 certificates.

Changes to SHA-1 SSL Certificates:

Microsoft, Google, and Mozilla will begin phasing out trust for SHA-1 certificates in 2016. With these dates approaching, it's time to move to SHA-2.

  • November 2014 –
    SHA-1 SSL Certificates expiring any time in 2017 will show a warning in Chrome.
  • December 2014 –
    SHA-1 SSL Certificates expiring after June 1, 2016, will show a warning in Chrome.
  • January 2015 –
    SHA-1 SSL Certificates expiring any time in 2016 will show a warning in Chrome.
  • December 2015 –
    SHA-1 SSL Certificates issued after January 1, 2016, will show the "untrusted connection" error in Firefox.
  • January 2016 –
    SHA-1 SSL Certificates issued after January 1, 2016, will show a certificate error in Chrome.
  •  
    Certificate criteria: signed with a SHA-1-base signature, issued after January 1, 2016, and chained to a public CA.
  • January 1, 2017 –
    Microsoft, Google, and Mozilla will end trust for all SHA-1 SSL Certificates.
  •  
    Mozilla and Google say it is feasible to move this date up to July 1, 2016, in light of recent attacks on SHA-1.
  •  
    Microsoft says it is feasible to move this date up to as early as June 2016, in light of recent attacks on SHA-1.

Changes to SHA-1 Code Signing Certificate:

  • *Windows 7+/Windows 2008 R2+

    • February 14, 2017 – Microsoft will end trust for SHA-1 Code Signing Certificates issued after December 31, 2015, including all SHA-1 signed code with or without time stamps. Microsoft will end trust for code signed by SHA-1 Code Signing Certificates issued before January 1, 2016 without time stamps.

    • January 14, 2020 – Microsoft will end trust for SHA-1 Code Signing Certificates issued before January 1, 2016, including all SHA-1 signed code with time stamps.

  • *Windows Vista/Windows 2008

    • January 14, 2020 – Microsoft will end support for Windows Vista/Windows 2008. Because these operating systems don’t support SHA-2 Code Signing Certificates, CAs may continue to issue SHA-1 Code Signing Certificates so that developers can continue to support these operating systems until their extended support ends.

  • *Note:  For details concerning Microsoft's support for SHA-1 Code Signing Certificates, please refer to the Windows PKI blog posting SHA1 Deprecation Policy.

 
Q: How is DigiCert handling the SHA-2 requirement?
ANSWER: DigiCert is always looking for ways to give our customers the very best experience in SSL.

Since Microsoft’s announcement, DigiCert has not issued any SHA-1 certificates that expire past 2017 and made SHA-2 the default for all certificates purchased.

With the impending warning messages from Google as well as Microsoft’s upcoming deadline, DigiCert strongly recommends that you accelerate SHA-2 deployment where possible and prepare to fully migrate to SHA-2.

 
Q: What do I do if I have a SHA-2 certificate and run into a problem?
ANSWER: Check with your browser or Operating System manufacturer for updates that add support for SHA-2.
 
Q: Will my users have problems if my website is secured with a SHA-2 SSL Certificate?
ANSWER: All modern browsers support SHA-2 certificates. Users on older browsers are susceptible to numerous security issues, including SHA-2 compatibility. DigiCert encourages administrators to work with their users on older, less secure systems to update to the latest version.

If you do not upgrade to SHA-2, your users will see SHA-1 security warnings in Google Chrome starting in November 2014. W3Schools’ latest report stated that 59.8% of all people on the Internet use Chrome and thus will be affected by this SHA-1 warning.