Information Technology News.


Microsoft confirms February 2017 to deprecate last SHA-1 implementation

Share on Twitter.

Sponsered ad: Get a Linux Enterprise server with 92 Gigs of RAM, 16 CPUs and 8 TB of storage at our liquidation sale. Only one left in stock.

Sponsered ad: Order the best SMTP service for your business. Guaranteed or your money back.

May 4, 2016

Microsoft has confirmed February 2017 as its official date in its deprecation of SHA-1 certificates, but they'll survive for nearly another year we are told.

Last November, the software behemoth was thinking of joining Firefox in a death-to-SHA-1 initiative during 2016, but its latest missive sets a February 2017 date instead.

Internally, some Microsoft employees did see this coming, however. At that date, the company's Edge Team writes, both Edge and Internet Explorer will block SHA-1 signed TLS certificates.

Before then, starting with the Windows 10 anniversary update, the two browsers will quit showing the lock icon for SHA-1-signed TLS certificates.

To be sure, Edge on Windows 10 and IE on everything after Windows 7 will get the update, which will apply to certificates that “chain to a CA in the Microsoft Trusted Root Certificate program”, the post states.

In the meantime, to help gather data about 'daredevil' system admins that still have SHA-1 relic certificates lying around, they can log their use of SHA-1.

After creating an appropriate directory, the following commands turn on the logs:
Certutil -setreg chain\WeakSignatureLogDir %LogDir% Certutil -setreg chain\WeakSha1ThirdPartyFlags 0x80900008.

February of next year is also the EOL (end-of-life) date for anyone using SHA-1 code signing.

Windows 7 and higher, and Windows Server will not trust code signed with an SHA-1 certificate time-stamped later than 00:00 UTC on February 14, 2017.

Source: Microsoft.

Sponsered ad: Get a Linux Enterprise server with 92 Gigs of RAM, 16 CPUs and 8 TB of storage at our liquidation sale. Only one left in stock.

Sponsered ad: Order the best SMTP service for your business. Guaranteed or your money back.

Share on Twitter.

IT News Archives | Site Search | Advertise on IT Direction | Contact | Home

All logos, trade marks or service marks on this site are the property of their respective owners.

Sponsored by Sure Mail™, Avantex and
by Montreal Server Colocation.

       © IT Direction. All rights reserved.