In November Kyle Pflug of Microsoft posted they were considering blocking SHA-1 certificates as early as June 2016. NIST/DISA extended SHA1 deprecation until January of 2017. What will be the impact of software vendors taking action prematurely. Will this be the Y2K of Internet Security? I'm already running into issues with specific encryption protocols. Are companies aware of what security protocols are used by their web services and will they be impacted? What is the risk of not changing protocols? How have current hacks impacted these decisions? All comments welcome.
Red Flag Submitted
Thank you for helping keep Tek-Tips Forums free from inappropriate posts. The Tek-Tips staff will check this out and take appropriate action.
Reply To This Thread
Posting in the Tek-Tips forums is a member-only feature.