Is Puppy ready?In 2016, tens of millions of people around the world will face trouble accessing some of the most common encrypted websites like Facebook, Google and Gmail, Twitter, and Microsoft sites.
Why? Because their browser or device will be unable to read the new, more secure certificates.
SHA1, the cryptographic hashing algorithm that's been at the heart of the web's security for a decade, will be retired in a little over a year. Some say it could be cracked by the end of the year, essentially making it useless and weakening security for millions of users.
Certificate authorities said they will respond by no longer issuing SHA1 certificates at midnight, January 1 2016, opting instead for SHA2 certificates. SHA2 is a significantly stronger algorithm that will last for many years to come. But there's a problem. A small but sizable portion of the internet's users don't have browsers or devices that are compatible with SHA2.
As sites move to SHA2, millions face HTTPS lock-out
As sites move to SHA2, millions face HTTPS lock-out
As sites move to SHA2 encryption, millions face HTTPS lock-out
-
BarryK
- Puppy Master
- Posts: 9392
- Joined: Mon 09 May 2005, 09:23
- Location: Perth, Western Australia
- Contact:
Re: As sites move to SHA2, millions face HTTPS lock-out
YesFlash wrote:As sites move to SHA2 encryption, millions face HTTPS lock-outIs Puppy ready?In 2016, tens of millions of people around the world will face trouble accessing some of the most common encrypted websites like Facebook, Google and Gmail, Twitter, and Microsoft sites.
Why? Because their browser or device will be unable to read the new, more secure certificates.
SHA1, the cryptographic hashing algorithm that's been at the heart of the web's security for a decade, will be retired in a little over a year. Some say it could be cracked by the end of the year, essentially making it useless and weakening security for millions of users.
Certificate authorities said they will respond by no longer issuing SHA1 certificates at midnight, January 1 2016, opting instead for SHA2 certificates. SHA2 is a significantly stronger algorithm that will last for many years to come. But there's a problem. A small but sizable portion of the internet's users don't have browsers or devices that are compatible with SHA2.
[url]https://bkhome.org/news/[/url]
Thats a good question and have appropriately bumped.
EDIT:
in the meantime I had a look at FF27 using about:config. Yes its ready, but I had to false A LOT of stuff, and change security levels of SSL and TLS to 3 max / 2 minimum. Newer versions of FF are NOT IMMUNE, in fact even FF39 needs a lot of work ( I trialled this as an update, but rejected it as bloated). As is even my own slacko5.7-2015a is OK, but even a few tweaks are needed there. It does look like a 2015b or 2016 will be needed to ease the conversion.
As far as the OS... glibc here (slacko 5.7) looks to be 2.16.x and needs an upgrade along with nettle, OR I need a 3.19.xx non-pae kernal.
EDIT:
in the meantime I had a look at FF27 using about:config. Yes its ready, but I had to false A LOT of stuff, and change security levels of SSL and TLS to 3 max / 2 minimum. Newer versions of FF are NOT IMMUNE, in fact even FF39 needs a lot of work ( I trialled this as an update, but rejected it as bloated). As is even my own slacko5.7-2015a is OK, but even a few tweaks are needed there. It does look like a 2015b or 2016 will be needed to ease the conversion.
As far as the OS... glibc here (slacko 5.7) looks to be 2.16.x and needs an upgrade along with nettle, OR I need a 3.19.xx non-pae kernal.
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."
"Zuckerberg: a large city inhabited by mentally challenged people."