Re: Deprecation of SSL Certificates Using SHA-1

["Miller, Thomas" <tm2756 () COLUMBIA EDU>]

Sent from my iPhone

> On Oct 10, 2014, at 8:28 PM, Miguel Angel Gonzalez de la Torre <mglez () ITESM MX> wrote:
>
> We also work  with Digicert. We are renewing our soon to expire certificates in SHA-2, and the if not supported, 
> giving the app admin the deadline to make the updates to support it.
> Digicert have unlimited re-issues of certificates so any changes are at no cost.
>
> Ing. Miguel Angel González de la Torre, MCC
> Director Seguridad de la Información
> Dirección de Tecnologías de Información
> Contáctame por Lync 
> Instituto Tecnológico y de Estudios Superiores de Monterrey
>
> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Roger 
> A Safian
> Sent: viernes, 10 de octubre de 2014 10:11 a. m.
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: [SECURITY] Deprecation of SSL Certificates Using SHA-1
>
>
> Hello everyone.  I don't know if you have been following the news about the plans browser providers have for 
> deprecating SSL certificates that use the SHA-1 cryptographic hash, but I would be interested to hear what you all 
> are doing with respect to replacing your SHA-1 certificates with SHA-2 certificates.  Google (Chrome) has an 
> ambitious plan already underway to progressively display more and more dire warning signs in their address bar.  
> Their plan started to unfold in September and will culminate in January with release 41.  Internet Explorer and 
> Firefox are taking a slower approach starting in January 2016 and Safari is still trying to decide what to do.
>
> Google's statement is at:
> http://googleonlinesecurity.blogspot.com/2014/09/gradually-sunsetting-sha-1.html
>
> Any feedback on what your institutions are doing would be appreciated.