[OWASP-South Africa] SHA1

Brett Russell brett.russell at owasp.org
Tue Oct 7 04:37:36 UTC 2014


My concern is the devices, browsers etc that don't support sha256,
especially when in my opinion, the move is not really necessary?

On Saturday, October 4, 2014, Wellington Mekhoe <wmekhoe at gmail.com> wrote:

> Hi Brett
>
> I think for now most people won't care about the changes, however as
> chrome is being used more now for business use, companies will be forced to
> upgrade their certificates.
>
> Kind regards
> Wellington Mekhoe
> On 26 Sep 2014 9:14 PM, "Brett Russell" <brett.russell at owasp.org
> <javascript:_e(%7B%7D,'cvml','brett.russell at owasp.org');>> wrote:
>
>> Hi All,
>>
>> As most of you probably know, Google plans to start "sunsetting" SHA1
>> support with some interesting changes to Chrome:
>>
>>
>> http://googleonlinesecurity.blogspot.com/2014/09/gradually-sunsetting-sha-1.html
>>
>> There have been some interesting responses from the global security
>> community, what do you have to say about all this? Is anyone in SA actually
>> going to care, or upgrade their certificate to cater for this?
>>
>> Kind Regards,
>> Brett Russell
>> OWASP South Africa Chapter Leader
>>
>> _______________________________________________
>> OWASP-SouthAfrica mailing list
>> OWASP-SouthAfrica at lists.owasp.org
>> <javascript:_e(%7B%7D,'cvml','OWASP-SouthAfrica at lists.owasp.org');>
>> https://lists.owasp.org/mailman/listinfo/owasp-southafrica
>>
>>

-- 

Kind Regards,
Brett Russell
OWASP South Africa Chapter Leader
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-southafrica/attachments/20141007/5956dc6c/attachment.html>


More information about the OWASP-SouthAfrica mailing list