Google announced the abandonment of the SHA-1 protocol

Weeks ago, Microsoft and Mozilla announced that they wanted to increase the security of their systems by upgrading the SSL certificates that they were using. The SHA-1 algorithm, still used in a lot of sites, it has been regarded as vulnerable, so it is clear that their use is dangerous for the information that is exchanged. Basically, because anyone can successfully perform a cyber attack.

SHA-1 protocol

Now it is the Google planning to upgrade the security of SSL certificates that uses. Specifically, the company would leave behind the SHA-1 protocol to prevent attacks on the security of their systems, besides providing an additional layer of protection for all users who use both services and applications of the company.

Google plans with respect to the SHA-1 certificates pass through several areas. First of all, there will be blocked the new certificates that have the well-known protocol. The next step will be the block all existing certificates that use it. Operations in this regard will begin in 2016 with the chrome 48 version, but will be extended gradually.

On the other hand, noting that both Microsoft and Mozilla and Google will end in February 2016, support for the RC4 encryption algorithm, which is used in TLS and SSL. This change will affect on all the browsers of the entities, therefore we recommend generating new certificates, in case to need them.

We must admit that SSL certificates are very important, especially in these times when it is necessary to transmit data of importance. Security should also be day without failures that can compromise us in any way.

Leave a Reply