Moving to SHA2 encryption, millions face HTTPS lock-out

D

DelJo63

As sites move to SHA2 encryption, millions face HTTPS lock-out
original story is at
http://www.zdnet.com/article/as-sha1-winds-down-sha2-leap-will-leave-millions-stranded/

"We're about to leave a whole chunk of the internet in the past," as millions of people
remain dependent on old, insecure, but widely-used encryption.

SHA1 certificates will no longer be issued from 2016.

In 2016, tens of millions of people around the world will face trouble accessing some of the most common
encrypted websites like Facebook, Google and Gmail, Twitter, and Microsoft sites.

Why? Because their browser or device will be unable to read the new, more secure certificates.

For most people, there's nothing to worry about (Chrome &Firefox).
The majority are already using the latest Chrome or Firefox browser,
the latest operating system, or the newest smartphone with the latest software, which
are compatible with the old SHA1-hashed websites and the newer SHA2-hashed websites.​

But many, particularly those in developing nations,
who are running older software, devices, and even "dumbphones," the candy-bar cellphones that have basic mobile internet, will face a brick wall, because their devices aren't up-to-date enough to even know what SHA2 is. Mozilla's 'one million downloads' mistake There's no way to tell exactly how many will be affected until it happens, in part because there are no concrete figures on how many people are running old or unsupported browsers or devices.​

Ivan Ristic, head of of SSL Labs at Qualys, said in an email that users of Windows XP SP2 and earlier,
and Android 2.2 and earlier
, do not support SHA2 certificates.
 
Back