Re: Deprecation of SSL Certificates Using SHA-1

[Ken Connelly <Ken.Connelly () UNI EDU>]

We've begun a process last week to replace all of our SHA-1 certs with
SHA-2 certs.  Our contract with Digicert for wildcard (actually SAN)
certs makes this a no-cost project except for admin care and feeding.

- ken

On 10/10/14 10:11 AM, Roger A Safian wrote:
> Hello everyone.  I don't know if you have been following the news about the plans browser providers have for 
> deprecating SSL certificates that use the SHA-1 cryptographic hash, but I would be interested to hear what you all 
> are doing with respect to replacing your SHA-1 certificates with SHA-2 certificates.  Google (Chrome) has an 
> ambitious plan already underway to progressively display more and more dire warning signs in their address bar.  
> Their plan started to unfold in September and will culminate in January with release 41.  Internet Explorer and 
> Firefox are taking a slower approach starting in January 2016 and Safari is still trying to decide what to do. 
>
> Google's statement is at:
> http://googleonlinesecurity.blogspot.com/2014/09/gradually-sunsetting-sha-1.html
>
> Any feedback on what your institutions are doing would be appreciated.

-- 
- Ken
=================================================================
Ken Connelly             Associate Director, Security and Systems
ITS Network Services                  University of Northern Iowa
email: Ken.Connelly () uni edu   p: (319) 273-5850 f: (319) 273-7373

Any request to divulge your UNI password via e-mail is fraudulent!