Educause Security Discussion mailing list archives
Re: Deprecation of SSL Certificates Using SHA-1
From: Miguel Angel Gonzalez de la Torre <mglez () ITESM MX>
Date: Sat, 11 Oct 2014 00:28:30 +0000
We also work with Digicert. We are renewing our soon to expire certificates in SHA-2, and the if not supported, giving the app admin the deadline to make the updates to support it. Digicert have unlimited re-issues of certificates so any changes are at no cost. Ing. Miguel Angel González de la Torre, MCC Director Seguridad de la Información Dirección de Tecnologías de Información Contáctame por Lync Instituto Tecnológico y de Estudios Superiores de Monterrey -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Roger A Safian Sent: viernes, 10 de octubre de 2014 10:11 a. m. To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Deprecation of SSL Certificates Using SHA-1 Hello everyone. I don't know if you have been following the news about the plans browser providers have for deprecating SSL certificates that use the SHA-1 cryptographic hash, but I would be interested to hear what you all are doing with respect to replacing your SHA-1 certificates with SHA-2 certificates. Google (Chrome) has an ambitious plan already underway to progressively display more and more dire warning signs in their address bar. Their plan started to unfold in September and will culminate in January with release 41. Internet Explorer and Firefox are taking a slower approach starting in January 2016 and Safari is still trying to decide what to do. Google's statement is at: http://googleonlinesecurity.blogspot.com/2014/09/gradually-sunsetting-sha-1.html Any feedback on what your institutions are doing would be appreciated.
Current thread:
- Deprecation of SSL Certificates Using SHA-1 Roger A Safian (Oct 10)
- Re: Deprecation of SSL Certificates Using SHA-1 Tim Faircloth (Oct 10)
- Re: Deprecation of SSL Certificates Using SHA-1 John Ladwig (Oct 10)
- Re: Deprecation of SSL Certificates Using SHA-1 Ken Connelly (Oct 10)
- Re: Deprecation of SSL Certificates Using SHA-1 Miguel Angel Gonzalez de la Torre (Oct 10)
- Re: Deprecation of SSL Certificates Using SHA-1 Miller, Thomas (Oct 10)
- <Possible follow-ups>
- Re: Deprecation of SSL Certificates Using SHA-1 Roger A Safian (Oct 10)
- Re: Deprecation of SSL Certificates Using SHA-1 Albert Lunde (Oct 13)
- Re: Deprecation of SSL Certificates Using SHA-1 Tim Faircloth (Oct 10)