This is not particularly fresh news to some people, but it is definitely important for anyone relying on SSL connections to websites: they now need to plan for getting SSL certificates from a Root CA that uses SHA-2.
Microsoft Security Advisory 2880823
Published: November 12, 2013
Executive Summary
Microsoft is announcing a policy change to the Microsoft Root Certificate Program.
The new policy will no longer allow root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes of SSL and code signing after January 1, 2016.
Using the SHA-1 hashing algorithm in digital certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks.
Recommendation: Microsoft recommends that certificate authorities no longer sign newly generated certificates using the SHA-1 hashing algorithm and begin migrating to SHA-2.
Microsoft also recommends that customers replace their SHA-1 certificates with SHA-2 certificates at the earliest opportunity.
For example, here are the details from a current VeriSign certificate:
Will this impact any versions of Windows?
According to the Windows PKI Blog (published September 30th, 2010), the support for SHA2 will vary:
No support for SHA2 – Windows XP sp2, Windows 2003 sp2
Limited support for SHA2 – Windows XP sp3 with KB 938397/KB 968730, Windows 2003 sp2 with KB 938397/KB 968730
Full support – Windows Vista and above
Note – “Limited support” added by the hotfixes mentioned includes the following SHA2 hashes: SHA-256, SHA-384, SHA-512 (but not SHA-224).
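To see which hash a given certificate's signature uses, and how that sits against the support levels listed above, the signature algorithm OID can be read directly from the DER encoding. The following is an added example, not code from the advisory or the blogs quoted here; the function names and the sample certificate skeleton are constructed for illustration, and only RSA signature OIDs are mapped.

```python
SIG_HASH = {                                   # signatureAlgorithm OID -> hash in the signature
    "1.2.840.113549.1.1.5":  "SHA-1",          # sha1WithRSAEncryption
    "1.2.840.113549.1.1.14": "SHA-224",        # sha224WithRSAEncryption
    "1.2.840.113549.1.1.11": "SHA-256",        # sha256WithRSAEncryption
    "1.2.840.113549.1.1.12": "SHA-384",        # sha384WithRSAEncryption
    "1.2.840.113549.1.1.13": "SHA-512",        # sha512WithRSAEncryption
}
HOTFIX_SET = {"SHA-256", "SHA-384", "SHA-512"}  # "limited support" hashes (KB 938397/KB 968730)

def read_tlv(buf, pos):                        # -> (tag, value_start, value_end) of a DER element
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                          # long form: low 7 bits = count of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def decode_oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0   # first byte packs the first two arcs
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)              # base-128 digits, high bit = more follows
        if not b & 0x80:
            arcs, val = arcs + [val], 0
    return ".".join(map(str, arcs))

def assess(der):
    """Return (oid, hash, verdict) for Certificate ::= SEQUENCE {tbs, sigAlg, signature}."""
    tag, start, _ = read_tlv(der, 0)
    _, _, tbs_end = read_tlv(der, start)           # skip over tbsCertificate
    _, alg_start, _ = read_tlv(der, tbs_end)       # signatureAlgorithm SEQUENCE
    oid_tag, oid_start, oid_end = read_tlv(der, alg_start)
    if tag != 0x30 or oid_tag != 0x06:
        raise ValueError("not an X.509 Certificate structure")
    oid = decode_oid(der[oid_start:oid_end])
    name = SIG_HASH.get(oid, "unknown")
    verdict = ("replace with SHA-2" if name == "SHA-1" else
               "SHA-2, in hotfix set" if name in HOTFIX_SET else
               "SHA-2, not in hotfix set" if name == "SHA-224" else "review manually")
    return oid, name, verdict

def tlv(tag, body):                                # DER encoder for the sample (bodies < 256 bytes)
    size = bytes([len(body)]) if len(body) < 0x80 else bytes([0x81, len(body)])
    return bytes([tag]) + size + body

def sample_cert(oid_hex):
    """Constructed skeleton (placeholder TBS, dummy signature), not a real certificate."""
    alg = tlv(0x30, tlv(0x06, bytes.fromhex(oid_hex)) + b"\x05\x00")
    return tlv(0x30, tlv(0x30, b"\x02\x01\x01" * 60) + alg + tlv(0x03, b"\x00" * 17))
```

For a PEM file, convert it to DER first with `ssl.PEM_cert_to_DER_cert` from the Python standard library and pass the result to `assess`.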
What’s up with SHA-224?
According to Alejandro Campos Magencio’s cryptography blog:
Decrypt my World
SHA-2 support on Windows XP
Published January 23rd, 2009
Regarding SHA-224 support, SHA-224 offers less security than SHA-256 but takes the same amount of resources. Also SHA-224 is not generally used by protocols and applications.
Further reading
Security Research and Defence Blog
Published November 12th, 2013