Google Works To Sunset SHA-1 In Chrome

Written by Michael Larabel in Google on 6 September 2014 at 11:24 AM EDT. 23 Comments
GOOGLE
Google will begin warning users when accessing HTTPS sites whose certificate chains are using SHA-1, due to this cryptographic hash algorithm being weak.

Due to SHA-1 being weak and Internet security threats only increasing, with the release of Chrome 39 later this year they're starting to bid farewell to HTTPS certificate signatures using SHA-1. There's already been a large push away from using SHA-1 by all Internet players due to its weakness to attack.

With Chrome 39 SHA-1-based signatures will be treated as secure but with errors, Chrome 40 will then begin treating them as neutral, and Chrome 41 will treat the certificates as "affirmatively insecure". This change is about SHA-1-signed certificates that don't expire until after 1 January 2017.

More details via this Chromium blog post.
23 Comments
Related News
Google Announces Axion ARM-Based CPUs For The Cloud
Google's Jpegli Offers ~35% Compression Improvement For High Quality JPEGs
Google Making $1M USD Investment To Improve Rust & C++ Interoperability
Chrome 121 Adds New CSS & WebGPU Features
The Mainline Linux Kernel To Finally Support The Google Tensor GS101 SoC & Pixel 6
Chrome 120 Released With Theora Support Evaporating, Adds WebGPU & CSS Improvements
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Linus Torvalds Injects Tabs To Thwart Kconfig Parsers Not Correctly Handling Them
Linux 6.10 To Merge NTSYNC Driver For Emulating Windows NT Synchronization Primitives
Fedora 41 Looks To "-O3" Optimizations For Its Python Build
Former Nouveau Lead Developer Joins NVIDIA, Continues Working On Open-Source Driver
APT 2.9 Released: Debian's APT 3.0 To Have A New UI With Colors, Columnar Display & More
KDE's KWin Merges Wayland Explicit Sync Support
Open-Source Radeon Driver Enables Support For Vulkan Video H.264/H.265 Encode
Ubuntu 24.04 Beta Now Available For Testing