SSL247®
SHA-2 MIGRATION
Table of contents
SHA-1 deprecation, moving to SHA-2
    What is SHA-1 and why is it being deprecated?
    What is SHA-2?
Deadlines
    What does Microsoft say about SHA-1?
    What does Google say about SHA-1?
    Timeline Microsoft + Google
    Should I renew or not?
SHA-2 Compatibility
    OS, Browser and Server support
    Detailed Operating System Support
    E-mail Clients
    Word Processors
    Code Signing
    SafeNet iKey / eToken Compatibility
    Mainframe
    Services
SSL247® - The Web Security Consultants - Platinum partner of Symantec, Thawte, GeoTrust, GlobalSign and Comodo
© 2014 SSL247 Ltd. All rights reserved. SSL247 Limited is registered in England & Wales No: 5802692
Our accreditations: ISO 27001 (Information Security Management)
SSL247® Ltd - 63 Lisson Street - Marylebone - London - NW1 5DA - UK | SSL247 Ltd is registered in England and Wales - No. 5802692

SHA-1 deprecation, moving to SHA-2

What is SHA-1 and why is it being deprecated?
SHA, or Secure Hash Algorithm, is a hashing algorithm used in secured connections to prove the integrity and authenticity of a message to the receiver. SHA is the default hash algorithm set in SSL certificates.
SHA-1 produces a 160-bit fingerprint when used on a message.
It has been the standard for secured connections up until now. However, SHA-1 was adopted in 1995, a long time ago in internet years. Just think of the computer you were using in 1995! Huge advances in technology and developments in cryptography since then are putting pressure on SHA-1, and it has been shown to be unreliable.
Its days are numbered and the SSL industry is migrating to SHA-2. From January 1st, 2017, SSL certificates using SHA-1 will no longer be recognised by web browsers and operating systems, rendering them useless. Most major browsers (Chrome, Safari, Mozilla, Opera) have voiced their support for the move.

What is SHA-2?
SHA-2 is a set of hash functions including SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224 and SHA-512/256.
The most commonly used of these hash functions is SHA-256. So generally speaking, SHA-2 = SHA-256.
It works the same way as SHA-1, but produces a longer fingerprint when used on a message (256-bit instead of 160-bit for SHA-1). Moving from SHA-1 to SHA-2 will increase security and safety online.

Deadlines

What does Microsoft say about SHA-1?
Microsoft’s operating systems will stop trusting SSL certificates using SHA-1 from January 1st, 2017, and digital signatures using SHA-1 from January 1st, 2016.
All Certification Authorities (Symantec, GlobalSign, Comodo, ...) will stop issuance and/or reissuance of SHA-1 SSL certificates by January 1st, 2016.

What does Google say about SHA-1?
Google believes Microsoft’s deadline (January 1st, 2017) is too far away, and that SHA-1 is already a weak hashing algorithm.
To force people to move to SHA-2 as soon as possible, Google will deprecate in Chrome the use of SHA-1 certificates that are valid after May 2016. To do so, Chrome displays warning icons on websites using such certificates (see the timeline below).

If your SHA-1 SSL certificate expires after January 1st, 2017, from this date any user trying to connect to your server will get this warning message. [Image: browser warning message]

Timeline Microsoft + Google
[Figure: timeline from 2014 to 2017 showing the icon Chrome displays for SHA-1 certificates expiring between June 1st, 2016 and December 31st, 2016, and for SHA-1 certificates expiring after January 1st, 2017, in three releases: Chrome 39 (released November 2014), Chrome 40 (released January 2015) and Chrome 41 (release: Q1 2015). Icon states shown: "Secure", "Secure, but with minor errors", "Neutral, lacking security" and "Affirmatively insecure". Marker at 01 Jan 2017: Microsoft stops trusting SHA-1 SSL certificates.]
Note: if you have an EV (Extended Validation) certificate with SHA-1 expiring after June 1st, 2016, the new icon display in Chrome (as shown above) will remove the green bar.

Should I renew or not?
The SHA-1 algorithm is set by default in your SSL certificate at the time of purchase, unless specified otherwise. In any case, your SSL certificate must use SHA-2 from January 1st, 2017, and all Certification Authorities have ensured you can purchase SHA-2 certificates from now on. If you choose to be PCI compliant, note that SHA-2 is required by the authority in charge of this standard (Payment Card Industry Security Standards Council).
There are three possible situations:
• If your certificate expires before January 1st, 2016: you can still get a SHA-1 certificate, but its validity period can’t extend beyond January 1st, 2017. Google Chrome won’t display any warning icon on your website.
• If your certificate expires between January 1st, 2016 and January 1st, 2017: you have no choice but to renew with SHA-2, but your SHA-1 certificate remains valid until December 31st, 2016. However, if your certificate expires between June 1st and December 31st, 2016, Google Chrome displays a “minor error” icon on your website.
• If your SSL certificate expires after January 1st, 2017: after this date, Microsoft operating systems will stop trusting your SSL certificate, and web browsers will do the same. In addition, Google Chrome is displaying a “lacking security” icon on your website, and later this year the “lacking security” icon will become a “non secure” icon (with the release of Chrome 41).
Even if your certificate expires before or during 2016, we recommend that you migrate to SHA-2 as soon as you can.
Renewing in SHA-2 with SSL247® can be done at any time. It is entirely free of charge, easy and will not require a lot of work (note that SHA-2 certificates must be installed with their corresponding SHA-2 intermediates).
Overall there are minor compatibility issues, and the sooner you start using SHA-2, the more time you will have to fix issues before your SHA-1 certificate becomes invalid. You will save time and avoid last-minute stress!
Our SHA-1 checker is available to help you quickly find out if your certificates are SHA-1:
https://www.ssl247.com/ssl-tools/sha1-checker
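The three situations above, as an added example (not SSL247's code and not its SHA-1 checker): a Python script that reads the text printed by `openssl x509 -noout -text` for a leaf certificate and its intermediates and sorts each one by signature algorithm and expiry date. The certificate dumps, host names and result labels are constructed for illustration, and treating each boundary date as the first day of the later period is an assumption.

```python
import re
from datetime import datetime

# Signature algorithm names as printed by `openssl x509 -noout -text`.
SHA1_ALGS = {"sha1WithRSAEncryption", "ecdsa-with-SHA1", "dsaWithSHA1"}

ALG_RE = re.compile(r"^\s*Signature Algorithm:\s*(\S+)", re.M)
END_RE = re.compile(r"^\s*Not After\s*:\s*(.+?)\s+GMT\s*$", re.M)
SUBJECT_RE = re.compile(r"^\s*Subject:\s*(.+?)\s*$", re.M)


def parse_dumps(text):
    """Yield (subject, algorithm, not_after) for each certificate dump in text."""
    # Every dump starts with a line that reads exactly "Certificate:".
    for chunk in re.split(r"^Certificate:\s*$", text, flags=re.M)[1:]:
        alg = ALG_RE.search(chunk)
        end = END_RE.search(chunk)
        subject = SUBJECT_RE.search(chunk)
        if not (alg and end and subject):
            raise ValueError("incomplete certificate dump")
        # OpenSSL pads single-digit days with a space ("Mar  3"); strptime accepts it.
        not_after = datetime.strptime(end.group(1), "%b %d %H:%M:%S %Y")
        yield subject.group(1), alg.group(1), not_after


def classify(algorithm, not_after):
    """Map one certificate onto the situations listed in the text (labels are ours)."""
    if algorithm not in SHA1_ALGS:
        return "NOT_SHA1"
    if not_after < datetime(2016, 1, 1):
        return "SHA1_NO_CHROME_WARNING"      # expires before January 1st, 2016
    if not_after < datetime(2016, 6, 1):
        return "SHA1_RENEW_WITH_SHA2"        # expires in 2016, before June 1st
    if not_after < datetime(2017, 1, 1):
        return "SHA1_CHROME_MINOR_ERROR"     # expires June 1st to December 31st, 2016
    return "SHA1_UNTRUSTED_FROM_2017"        # still valid when SHA-1 trust ends


def audit(text):
    """Return [(subject, situation)] for every certificate dump in text.

    Feed it the leaf and its intermediates: the text notes that SHA-2
    certificates must be installed with their SHA-2 intermediates.
    """
    return [(subj, classify(alg, end)) for subj, alg, end in parse_dumps(text)]


# Constructed sample input: abbreviated dumps, not real certificates.
SAMPLE_DUMPS = """\
Certificate:
    Data:
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN = Example Test CA
        Validity
            Not Before: Dec  1 00:00:00 2014 GMT
            Not After : Nov 30 23:59:59 2015 GMT
        Subject: CN = legacy.example.test
Certificate:
    Data:
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN = Example Test CA
        Validity
            Not Before: Sep 15 12:00:00 2014 GMT
            Not After : Sep 15 12:00:00 2016 GMT
        Subject: CN = shop.example.test
Certificate:
    Data:
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN = Example Test CA
        Validity
            Not Before: Mar  3 12:00:00 2015 GMT
            Not After : Mar  3 12:00:00 2018 GMT
        Subject: CN = portal.example.test
Certificate:
    Data:
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN = Example Test CA G2
        Validity
            Not Before: Mar  3 12:00:00 2015 GMT
            Not After : Mar  3 12:00:00 2018 GMT
        Subject: CN = www.example.test
"""

if __name__ == "__main__":
    for subject, situation in audit(SAMPLE_DUMPS):
        print(f"{situation:26} {subject}")
```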

SHA-2 Compatibility

OS, Browser and Server support

Operating System | Minimum OS Version (SSL Certificates) | Minimum OS Version (Client Certificates)
Apple OS X | 10.5+ | 10.5+
Apple iOS | 3.0+ | 3.0+
Android | 2.3+ | 2.3+
Blackberry | 5.0+ | 5.0+
ChromeOS | ✓ | ✓
Windows | XP SP3+ | XP SP3+
Windows Phone | 7+ | 7+
Windows Server | 2003 SP2 +Hotfixes (MS13-095) | 2003 SP2 +Hotfixes (MS13-095)

Browser | Minimum Browser Version
Chrome | 1.0+ (38+)
Firefox | 1.0+
Internet Explorer | 6+ (On a SHA-2 compatible OS)
Konqueror | 3.5.6+
Mozilla | 1.4+
Netscape | 7.1+
Opera | 6.0+
Safari | 3+ (Ships with OS X 10.5)

Server | Minimum Server Version
Apache Server* | 2.0.63+ w/ OpenSSL 0.9.8o+
IBM Domino Server | 9.x with Fix Pack
IBM HTTP Server | 8.5 (Bundled with Domino 9)
Microsoft Server Exchange | Dependent on Windows Server Version
Oracle Weblogic | 10.3.1+

* Apache 2.0 is bundled with mod_ssl by default. Versions prior to 2.0 require manual installation of mod_ssl for any SSL support at all. Mod_gnutls is an alternative to mod_ssl, leveraging GnuTLS instead of OpenSSL libraries.

Detailed Operating System Support

Operating System | SSL Certificates (Client Side) | SSL Certificates (Server Side) | S/MIME | Code Signing
Windows XP (SP1, SP2) | ✗ | N/A | ✗ | ✗
Windows XP SP3 | ✓ | N/A | Partial | Partial
Windows Vista | ✓ | N/A | ✓ | Partial
Windows 7 | ✓ | N/A | ✓ | Partial
Windows 8 | ✓ | N/A | ✓ | ✓
Windows Server 2003 / 2003 SP1 | ✗ | ✗ | ✗ | ✗
Windows Server 2003 SP2 +MS13-095 | ✓ | ✓ | ✓ | N/A
Windows Server 2008 | ✓ | ✓ | ✓ | Partial
Windows Server 2008 R2 | ✓ | ✓ | ✓ | ✓
Windows Server 2012 & 2012 R2 | ✓ | ✓ | ✓ | ✓
Windows Phone 5 | ✗ | N/A | ✗ | N/A
Windows Phone 6 | ✗ | N/A | ✗ | N/A
Windows Phone 7 | ✓ | N/A | ✓ | N/A
Windows Phone 8 | ✓ | N/A | ✓ | N/A

E-mail Clients

E-mail Client | Verify SHA-1 Signed E-Mail | Verify SHA-256 Signed E-Mail | Send SHA-1 Signed E-Mail | Send SHA-256 Signed E-Mail
Mozilla Thunderbird 24 on XP SP3 | ✓ | ✓ | ✓ | N/A
IBM Notes 8 | ✓ | ✗ | ✓ | ✗
IBM Notes 9 | ✓ | ✓ | ✓ | ✓
Microsoft Entourage 2004 | ✓ | ✗ | ✓ | ✗
Microsoft Entourage 2008 | ✓ | ✓ | ✓ | ✓
Outlook 2003 / 2007 on XP SP3 | ✓ | ✗ | ✓ | ✗
Outlook 2007 on Windows Vista & 7 | ✓ | ✓ | ✓ | ✓
Outlook for Mac 2011 | ✓ | ✓ | ✓ | ✓

Notes on “Partial” compatibility:
• S/MIME:
Outlook on Windows XP SP3 can utilize certificates signed with SHA-256 but cannot validate an e-mail signed using the SHA-256 hashing algorithm. By default Outlook signs with SHA1 even if a SHA2 cert is in use, though this behavior can be changed if desired.
• Code Signing:
Code can be signed with a SHA2 cert on any of the systems listed as having partial or full compatibility without issue. There is an incompatibility with SHA2 signed kernel drivers on the partially compatible platforms. Kernel drivers signed with SHA2 certs will not install on systems listed as having “Partial” compatibility.

Word Processors

Application | Verify SHA-1 Signed Document | Verify SHA-256 Signed Document | Place SHA-1 Signature with SHA-256 certificate | Place SHA-256 Signature with SHA-256 certificate
Word 2003 & 2007 on XP SP3 | ✓ | N/A | ✓ | ✗
LibreOffice Writer 4.2 on XP SP3 | ✓ | N/A | ✓ | N/A

Document Signing

Application | Place SHA1 Signature with SHA-256 certificate | Place SHA2 Signature with SHA-256 certificate | Validate SHA2 Signature
LibreOffice 4 | ✓ | ✗ | ✗
Microsoft Office 2003, 2007 | ✓ | ✗ | ✗
Microsoft Office 2010, 2013 | ✓ | ✓ | ✓
Adobe Acrobat 8.0+ | ✓ | ✓ | ✓
Adobe Reader 8.0+ | ✓ | ✓ | ✓

Note: Adobe Reader 8+ can place signatures with a Digital ID if the functionality has been enabled via Adobe Acrobat Professional.
Adobe Acrobat & Adobe Reader are compatible with SHA-256 certs as of version 8.0, but still place SHA1 signatures by default. As of version 9.1, Acrobat & Reader will prefer SHA-256 for the signature hash if available; otherwise they will fall back to SHA1. SHA-2 signatures can be preferred in versions prior to 9.1 through edits to the registry.
Digital signatures placed with newer versions of Microsoft Office may not be backwards compatible with older versions. Legacy compatibility can be specified manually.
Office 2003 - 2010 work with SHA-2 certs, but place SHA1 signatures. Office 2013 uses SHA2 as the default signature hash when available. You can specify the signature hash in Office 2010 & 2013 via the registry.

Windows Code Signing

Operating System | Executables | Kernel Drivers | VBA Macros: Office 2003, 2007 | VBA Macros: Office 2010 | VBA Macros: Office 2013
Windows XP (SP1, SP2) | ✗ | ✗ | ✗ | ✗ | N/A
Windows XP SP3 | ✓ | ✗ | ✗ | ✓ | N/A
Windows Vista | ✓ | ✗ | ✗ | ✓ | N/A
Windows 7 | ✓ | ✗ | ✗ | ✓ | ✓
Windows 8 | ✓ | ✓ | ✗ | ✓ | ✓

Office 2010 on Windows 7 requires hotfix KB 2598139 to add SHA-256 support for Code Signing certs.

Product | Minimum Version Required
Visual Studio Tools for Office (VSTO) | 10.0.50325

Toolkits, Libraries, Frameworks, etc.

Product | Minimum Version Required
Java | Java 1.4.2+
Mozilla | NSS 3.8+
OpenSSL | 0.9.8o+
GNUTLS | 1.7.4+
.NET | FX 3.5 SP1+

SafeNet iKey / eToken Compatibility

Device | Works with SHA2 Certificate | Place SHA1 Signature | Place SHA2 Signature
iKey 4000 | ✓ | ✓ | ✗
eToken 5100 | ✓ | ✓ | ✓

Mainframe

Product | Minimum Version Required
IBM z/OS | v1r10

Citrix Support

Product | Minimum Version Required
Citrix receiver | Varies - See PDF

Services

Service | Notes
Belgian Online Government Services | No SHA2 Support. Issue PersonalSign3 as SHA1.
FDA ESG | Works with SHA2
FDA Encrypted E-Mail | FDA S/MIME firewall cannot handle SHA2.

WARNING: a critical bug called the "Heartbleed bug" has been detected in OpenSSL versions 1.0.1 to 1.0.1f - if you use any of them, update immediately to 1.0.1g and reissue all your certificates with new key pairs.

Contact us:
SSL247®
info@SSL247.com
+1-800-511-9176
www.SSL247.com
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 

SSL247® SHA-2 timeline and compatibility

  • 1. SSL247® SHA-2 MIGRATION

    Table of contents

    SHA-1 deprecation, moving to SHA-2
      What is SHA-1 and why it is being deprecated?
      What is SHA-2?
    Deadlines
      What does Microsoft say about SHA-1?
      What does Google say about SHA-1?
      Timeline Microsoft + Google
      Should I renew or not?
    SHA-2 Compatibility
      OS, Browser and Server support
      Detailed Operating System Support
      E-mail Clients
      Word Processors
      Code Signing
      SafeNet iKey / eToken Compatibility
      Mainframe
      Services

    SSL247® - The Web Security Consultants - Platinum partner of Symantec, Thawte, GeoTrust, GlobalSign and Comodo
    © 2014 SSL247 Ltd. All rights reserved. SSL247 Limited is registered in England & Wales No: 5802692
    Our accreditations: ISO 27001 (Information Security Management)
  • 2. SHA-1 deprecation, moving to SHA-2

    What is SHA-1 and why is it being deprecated?
    SHA, or Secure Hash Algorithm, is a hashing algorithm used in secured connections to prove the integrity and authenticity of a message to the receiver. The SHA algorithm is the default hash algorithm set in SSL certificates.

    SHA-1 is an algorithm producing a 160-bit fingerprint when used on a message. It was the standard up until now for secured connections. However, SHA-1 was adopted in 1995, a long time ago in internet years. Just think of the computer you were using in 1995! Huge advances in technology and developments in cryptography since then are putting pressure on SHA-1, and it has been shown to be unreliable. Its days are numbered and the SSL industry is migrating to SHA-2.

    From January 1st 2017, SSL certificates using SHA-1 will no longer be recognised by web browsers and operating systems, rendering them useless. Most major browsers (Chrome, Safari, Mozilla, Opera) have voiced their support for the move.

    What is SHA-2?
    SHA-2 is a set of hash functions including SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224 and SHA-512/256. The most common hash function used is SHA-256. So generally speaking, SHA-2 = SHA-256. It works the same way as SHA-1, but produces a longer fingerprint when used on a message (256-bit instead of 160-bit for SHA-1). Moving from SHA-1 to SHA-2 will increase security and safety online.

    SSL247® Ltd - 63 Lisson Street - Marylebone - London - NW1 5DA - UK. SSL247 Ltd is registered in England and Wales - No. 5802692
  • 3. Deadlines

    What does Microsoft say about SHA-1?
    Microsoft’s Operating Systems will stop trusting SSL certificates using SHA-1 from January 1st, 2017, and Digital Signatures using SHA-1 from January 1st, 2016. All Certification Authorities (Symantec, GlobalSign, Comodo, ...) will stop issuance and/or reissuance of SHA-1 SSL certificates by January 1st, 2016.

    What does Google say about SHA-1?
    Google believes Microsoft’s deadline (January 1st, 2017) is too far away, and that SHA-1 is already a weak hashing algorithm. To force people to move to SHA-2 as soon as possible, Google will deprecate in Chrome the use of SHA-1 certificates that are valid after May 2016. To do so, they are displaying warning icons on websites using such certificates (see the timeline below).

    If your SHA-1 SSL certificate expires after January 1st, 2017, from this date any user trying to connect to your server will get a warning message (shown as an image on the slide).
  • 4. Timeline Microsoft + Google

    | SHA-1 certificates expiring | Chrome 39 (released November 2014) | Chrome 40 (released January 2015) | Chrome 41 (release: Q1 2015) |
    |---|---|---|---|
    | Between June 1st, 2016 and December 31st, 2016 | Secure | Secure, but with minor errors | Secure, but with minor errors |
    | After January 1st, 2017 | Secure, but with minor errors | Neutral, lacking security | Affirmatively insecure |

    01 Jan 2017: Microsoft stops trusting SHA-1 SSL certificates.

    Note: if you have an EV (Extended Validation) certificate with SHA-1 expiring after June 1st, 2016, the new icon display in Chrome (as shown above) will remove the green bar.
  • 5. Should I renew or not?

    The SHA-1 algorithm is set by default in your SSL certificate at the time of purchase, unless specified otherwise. In any case, your SSL certificate must use SHA-2 from January 1st, 2017, and all Certification Authorities have ensured you can purchase SHA-2 certificates from now on. If you choose to be PCI compliant, note that SHA-2 is required by the authority in charge of this standard (Payment Card Industry Security Standards Council).

    There are three possible situations:

    - If your certificate expires before January 1st, 2016: you can still get a SHA-1 certificate, but its validity period can’t extend past January 1st, 2017. Google Chrome won’t display any warning icon on your website.
    - If your certificate expires between January 1st, 2016 and January 1st, 2017: you have no choice other than renewing with SHA-2, but your SHA-1 certificate remains valid until December 31st, 2016. However, if your certificate expires between June 1st and December 31st, 2016, Google Chrome displays a “minor error” icon on your website.
    - If your SSL certificate expires after January 1st, 2017: after this date, Microsoft Operating Systems will stop trusting your SSL certificate, and web browsers will do the same. In addition, Google Chrome is displaying a “lacking security” icon on your website, and later this year the “lacking security” icon will become a “non secure” icon (with the release of Chrome 41).

    Even if your certificate expires before or during 2016, we recommend that you migrate to SHA-2 as soon as you can. Renewing in SHA-2 with SSL247® can be done at any time. It is entirely free of charge, easy and will not require a lot of manipulation (note that SHA-2 certificates must be installed with their corresponding SHA-2 intermediates).

    Overall there are minor compatibility issues, and the sooner you start using SHA-2, the more time you will have to fix issues before your SHA-1 certificate becomes invalid. You will save time and avoid last-minute stress!

    Our SHA-1 checker is available to help you quickly find out if your certificates are SHA-1: https://www.ssl247.com/ssl-tools/sha1-checker
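The renewal situations above depend on two fields of a certificate: its signature hash and its expiry date. The Python below is an added example, not SSL247's checker or code from the slides; it reads both fields from a DER certificate with a small standard-library parser and sorts the result into those situations. The function names, the sample certificate (a constructed skeleton with a dummy signature) and the treatment of an expiry on exactly January 1st, 2017 as "after" are assumptions.

```python
from datetime import date, datetime

SIG_OIDS = {  # signature-algorithm OID (hex of the DER content bytes) -> hash used
    "2a864886f70d010105": "SHA-1",    # sha1WithRSAEncryption
    "2a864886f70d01010b": "SHA-256",  # sha256WithRSAEncryption
    "2a864886f70d01010c": "SHA-384",  # sha384WithRSAEncryption
    "2a864886f70d01010d": "SHA-512",  # sha512WithRSAEncryption
    "2a8648ce3d0401": "SHA-1",        # ecdsa-with-SHA1
    "2a8648ce3d040302": "SHA-256",    # ecdsa-with-SHA256
}

def children(buf, pos, end):
    """Return (tag, start, end) for each DER element found between pos and end."""
    out = []
    while pos < end:
        tag, length, pos = buf[pos], buf[pos + 1], pos + 2
        if length & 0x80:                  # long form: low 7 bits count the length bytes
            n = length & 0x7F
            length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
        out.append((tag, pos, pos + length))
        pos += length
    return out

def cert_hash_and_expiry(der_bytes):
    """Extract (signature hash name, notAfter date) from a DER X.509 certificate."""
    cert = children(der_bytes, 0, len(der_bytes))[0]
    tbs, sig_alg, _signature = children(der_bytes, cert[1], cert[2])
    oid = children(der_bytes, sig_alg[1], sig_alg[2])[0]
    hash_name = SIG_OIDS.get(der_bytes[oid[1]:oid[2]].hex(), "unknown")
    fields = children(der_bytes, tbs[1], tbs[2])
    if fields[0][0] == 0xA0:               # optional explicit [0] version field
        fields = fields[1:]
    validity = fields[3]                   # order: serial, sigAlg, issuer, validity
    tag, start, end = children(der_bytes, validity[1], validity[2])[1]  # notAfter
    fmt = "%y%m%d%H%M%SZ" if tag == 0x17 else "%Y%m%d%H%M%SZ"  # UTCTime or GeneralizedTime
    return hash_name, datetime.strptime(der_bytes[start:end].decode("ascii"), fmt).date()

def migration_status(hash_name, not_after):
    """Sort a certificate into the slides' situations (assumes 2017-01-01 counts as 'after')."""
    if hash_name != "SHA-1":
        return "SHA-2: no action" if hash_name.startswith("SHA-") else "unknown hash: inspect"
    if not_after >= date(2017, 1, 1):
        return "SHA-1: untrusted by Microsoft from 2017-01-01; Chrome 'lacking security'"
    if not_after >= date(2016, 6, 1):
        return "SHA-1: valid until expiry; Chrome 'minor errors'; renew with SHA-2"
    if not_after >= date(2016, 1, 1):
        return "SHA-1: valid until expiry; renew with SHA-2"
    return "SHA-1: no Chrome warning; SHA-2 migration still recommended"

def der(tag, *parts):
    """Minimal DER encoder, used only to build the constructed sample below."""
    body = b"".join(parts)
    n, nb = len(body), (len(body).bit_length() + 7) // 8
    size = bytes([n]) if n < 0x80 else bytes([0x80 | nb]) + n.to_bytes(nb, "big")
    return bytes([tag]) + size + body

def sample_cert(sig_oid_hex, not_after):
    """Constructed skeleton: real X.509 layout, dummy names, key and signature."""
    alg = der(0x30, der(0x06, bytes.fromhex(sig_oid_hex)), der(0x05))
    validity = der(0x30, der(0x17, b"150101000000Z"), der(0x17, not_after))
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")), der(0x02, b"\x01"), alg,
              der(0x30), validity, der(0x30), der(0x30))
    return der(0x30, tbs, alg, der(0x03, bytes(257)))
```

To check a real certificate, convert its PEM text with `ssl.PEM_cert_to_DER_cert` and pass the resulting bytes to `cert_hash_and_expiry`. Run it on each intermediate as well, since the slides note that SHA-2 certificates must be installed with their SHA-2 intermediates.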
  • 6. SHA-2 Compatibility

    OS, Browser and Server support

    | Operating system | Minimum OS Version (SSL Certificates) | Minimum OS Version (Client Certificates) |
    |---|---|---|
    | Apple OS X | 10.5+ | 10.5+ |
    | Apple iOS | 3.0+ | 3.0+ |
    | Android | 2.3+ | 2.3+ |
    | Blackberry | 5.0+ | 5.0+ |
    | ChromeOS | ✓ | ✓ |
    | Windows | XP SP3+ | XP SP3+ |
    | Windows Phone | 7+ | 7+ |
    | Windows Server | 2003 SP2 + Hotfixes (MS13-095) | 2003 SP2 + Hotfixes (MS13-095) |

    | Browser | Minimum Browser Version |
    |---|---|
    | Chrome | 1.0+ (38+) |
    | Firefox | 1.0+ |
    | Internet Explorer | 6+ (On a SHA-2 compatible OS) |
    | Konqueror | 3.5.6+ |
    | Mozilla | 1.4+ |
    | Netscape | 7.1+ |
    | Opera | 6.0+ |
    | Safari | 3+ (Ships with OS X 10.5) |

    | Server | Minimum Server Version |
    |---|---|
    | Apache Server* | 2.0.63+ w/ OpenSSL 0.9.8o+ |
    | IBM Domino Server | 9.x with Fix Pack |
    | IBM HTTP Server | 8.5 (Bundled with Domino 9) |
    | Microsoft Server Exchange | Dependent on Windows Server Version |
    | Oracle Weblogic | 10.3.1+ |

    * Apache 2.0 is bundled with mod_ssl by default. Versions prior to 2.0 require manual installation of mod_ssl for any SSL support at all. Mod_gnutls is an alternative to mod_ssl, leveraging GnuTLS instead of OpenSSL libraries.
  • 7. Detailed Operating System Support

    | Operating system | SSL Certificates (Client Side) | SSL Certificates (Server Side) | S/MIME | Code Signing |
    |---|---|---|---|---|
    | Windows XP (SP1, SP2) | ✗ | N/A | ✗ | ✗ |
    | Windows XP SP3 | ✓ | N/A | Partial | Partial |
    | Windows Vista | ✓ | N/A | ✓ | Partial |
    | Windows 7 | ✓ | N/A | ✓ | Partial |
    | Windows 8 | ✓ | N/A | ✓ | ✓ |
    | Windows Server 2003 / 2003 SP1 | ✗ | ✗ | ✗ | ✗ |
    | Windows Server 2003 SP2 + MS13-095 | ✓ | ✓ | ✓ | N/A |
    | Windows Server 2008 | ✓ | ✓ | ✓ | Partial |
    | Windows Server 2008 R2 | ✓ | ✓ | ✓ | ✓ |
    | Windows Server 2012 & 2012 R2 | ✓ | ✓ | ✓ | ✓ |
    | Windows Phone 5 | ✗ | N/A | ✗ | N/A |
    | Windows Phone 6 | ✗ | N/A | ✗ | N/A |
    | Windows Phone 7 | ✓ | N/A | ✓ | N/A |
    | Windows Phone 8 | ✓ | N/A | ✓ | N/A |

    Notes on “Partial” compatibility:
    • S/MIME: Outlook on Windows XP SP3 can utilize certificates signed with SHA-256 but cannot validate an e-mail signed using the SHA-256 hashing algorithm. By default Outlook signs with SHA1 even if a SHA2 cert is in use, though this behavior can be changed if desired.
    • Code Signing: Code can be signed with a SHA2 cert on any of the systems listed as having partial or full compatibility without issue. There is an incompatibility with SHA2 signed kernel drivers on the partially compatible platforms. Kernel drivers signed with SHA2 certs will not install on systems listed as having “Partial” compatibility.

    E-mail Clients

    | E-mail client | Verify SHA-1 Signed E-Mail | Verify SHA-256 Signed E-Mail | Send SHA-1 Signed E-Mail | Send SHA-256 Signed E-Mail |
    |---|---|---|---|---|
    | Mozilla Thunderbird 24 on XP SP3 | ✓ | ✓ | ✓ | N/A |
    | IBM Notes 8 | ✓ | ✗ | ✓ | ✗ |
    | IBM Notes 9 | ✓ | ✓ | ✓ | ✓ |
    | Microsoft Entourage 2004 | ✓ | ✗ | ✓ | ✗ |
    | Microsoft Entourage 2008 | ✓ | ✓ | ✓ | ✓ |
    | Outlook 2003 / 2007 on XP SP3 | ✓ | ✗ | ✓ | ✗ |
    | Outlook 2007 on Windows Vista & 7 | ✓ | ✓ | ✓ | ✓ |
    | Outlook for Mac 2011 | ✓ | ✓ | ✓ | ✓ |
  • 8. Word Processors

    | Word processor | Verify SHA-1 Signed Document | Verify SHA-256 Signed Document | Place SHA-1 Signature with SHA-256 certificate | Place SHA-256 Signature with SHA-256 certificate |
    |---|---|---|---|---|
    | Word 2003 & 2007 on XP SP3 | ✓ | N/A | ✓ | ✗ |
    | LibreOffice Writer 4.2 on XP SP3 | ✓ | N/A | ✓ | N/A |

    Document Signing

    | Application | Place SHA1 Signature with SHA-256 certificate | Place SHA2 Signature with SHA-256 certificate | Validate SHA2 Signature |
    |---|---|---|---|
    | LibreOffice 4 | ✓ | ✗ | ✗ |
    | Microsoft Office 2003, 2007 | ✓ | ✗ | ✗ |
    | Microsoft Office 2010, 2013 | ✓ | ✓ | ✓ |
    | Adobe Acrobat 8.0+ | ✓ | ✓ | ✓ |
    | Adobe Reader 8.0+ | ✓ | ✓ | ✓ |

    Note: Adobe Reader 8+ can place signatures with a Digital ID if the functionality has been enabled via Adobe Acrobat Professional. Adobe Acrobat & Adobe Reader are compatible with SHA-256 certs as of version 8.0, but still place SHA1 signatures by default. As of version 9.1, Acrobat & Reader will prefer SHA-256 for the signature hash if available, otherwise it will fall back to SHA1. SHA-2 signatures can be preferred in versions prior to 9.1 through edits to the registry.

    Digital signatures placed with newer versions of Microsoft Office may not be backwards compatible with older versions. Legacy compatibility can be specified manually. Office 2003 - 2010 work with SHA-2 certs, but place SHA1 signatures. Office 2013 uses SHA2 as the default signature hash when available. You can specify the signature hash in Office 2010 & 2013 via the registry.

    Windows Code Signing

    | Operating system | Executables | Kernel Drivers | VBA Macros: Office 2003, 2007 | VBA Macros: Office 2010 | VBA Macros: Office 2013 |
    |---|---|---|---|---|---|
    | Windows XP (SP1, SP2) | ✗ | ✗ | ✗ | ✗ | N/A |
    | Windows XP SP3 | ✓ | ✗ | ✗ | ✓ | N/A |
    | Windows Vista | ✓ | ✗ | ✗ | ✓ | N/A |
    | Windows 7 | ✓ | ✗ | ✗ | ✓ | ✓ |
    | Windows 8 | ✓ | ✓ | ✗ | ✓ | ✓ |

    Office 2010 on Windows 7 requires hotfix kb 2598139 to add SHA-256 support for CodeSigning Certs.

    | Tool | Minimum Version Required |
    |---|---|
    | Visual Studio Tools for Office (VSTO) | 10.0.50325 |
  • 9. Toolkits, Libraries, Frameworks, etc.

    | Toolkit | Minimum Version Required |
    |---|---|
    | Java | Java 1.4.2+ |
    | Mozilla NSS | 3.8+ |
    | OpenSSL | 0.9.8o+ |
    | GNUTLS | 1.7.4+ |
    | .NET | FX 3.5 SP1+ |

    SafeNet iKey / eToken Compatibility

    | Token | Works with SHA2 Certificate | Place SHA1 Signature | Place SHA2 Signature |
    |---|---|---|---|
    | iKey 4000 | ✓ | ✓ | ✗ |
    | eToken 5100 | ✓ | ✓ | ✓ |

    Mainframe

    | System | Minimum Version Required |
    |---|---|
    | IBM z/OS | v1r10 |

    Citrix Support

    | Product | Minimum Version Required |
    |---|---|
    | Citrix receiver | Varies - See PDF |

    Services

    | Service | Notes |
    |---|---|
    | Belgian Online Government Services | No SHA2 Support. Issue PersonalSign3 as SHA1. |
    | FDA ESG | Works with SHA2 |
    | FDA Encrypted E-Mail | FDA S/MIME firewall cannot handle SHA2. |

    WARNING: a critical bug called the "Heartbleed bug" has been detected in OpenSSL versions 1.0.1 to 1.0.1f - if you use any of them, update immediately to 1.0.1g and reissue all your certificates with new key pairs.
  • 10. Contact us: SSL247® - info@SSL247.com - +1-800-511-9176 - www.SSL247.com