Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Finally Bans SHA-1 Certificates In Its Browsers (zdnet.com)

Posted by EditorDavid on from the living-on-the-Edge dept.

An anonymous reader quotes ZDNet: With this week's monthly Patch Tuesday, Microsoft has also rolled out a new policy for Edge and Internet Explorer that prevents sites that use a SHA-1-signed HTTPS certificate from loading. The move brings Microsoft's browsers in line with Chrome, which dropped support for the SHA-1 cryptographic hash function in January's stable release of Chrome 56, and Firefox's February cut-off... Apple dropped support for SHA-1 in March with macOS Sierra 10.12.4 and iOS 10.3... Once Tuesday's updates are installed, Microsoft's browsers will no longer load sites with SHA-1 signed certificates and will display an error warning highlighting a security problem with the site's certificate.

1 of 38 comments (clear)

  1. Who modded this drivel up? by Anonymous Coward · · Score: 2, Informative

    It was announced over three years ago (and they gave a year's extension):

    https://technet.microsoft.com/en-us/library/security/2880823.aspx

    Microsoft may be shite at a lot of things, but one thing they aren't is giving their enterprise customers long-term notice about changes like this.