Filter Blogs expand_more
Blog add
Authors add
Solutions add
Products add
Product Categories add
35 Results for 'SHA'
Blog

By Bruce Morton

January 27, 2015

When Google Chrome 41 is released, it will treat certificate chains using SHA-1 which are valid past January 1, 2017 as affirmatively insecure.
Blog

By Bruce Morton

October 19, 2015

The Freestart collision for full SHA-1 paper was released by Marc Stevens, Pierre Karpman and Thomas Peyrin. This is not a collision attack on the SHA-1 function itself, but on the compression function that underlies it. The research paper states "Freestart collisions, like the one presented here, do not directly imply a collision for SHA-1. However, this work is an important milestone towards an actual SHA-1 collision and it further shows how graphics cards can be used very efficiently for these kind of attacks."
Blog

By Bruce Morton

December 02, 2015

Research indicates that SHA-1 signed SSL/TLS certificates face increasing vulnerabilities forcing leading browsers to reconsider how long they will support this technology. This blog outlines dates around the phasing out of SHA-1.
Blog

By Bruce Morton

December 22, 2015

On January 1, 2016, the public trust certification authorities (CAs) will stop issuing SHA-1 signed SSL/TLS certificates. The bottom line is SHA-1 is vulnerable. New studies have shown that the safety factor is decreasing. Continuing to issue SHA-1 signed certificates could compromise a CA or could compromise a legitimate website. Unfortunately for old browser and operating users, the servers must continue to move to SHA-2 signed certificates. These users should try to move to supported systems.
Blog

By Bruce Morton

March 13, 2015

Chrome 41 was released on March 3, 2015. You may have noticed, Chrome 41 did not have a change to treat certificate chains using SHA-1 valid past January 1, 2017 to be affirmatively insecure.
Blog

By Entrust Datacard

January 07, 2016

Shadow IT can be loosely defined as the incorporation of any information technology introduced into an organization that is not necessarily approved by management. 
Blog

By Bruce Morton

December 09, 2013

We have previously reviewed implementation of SHA-2, but with Bruce Schneier stating the need to migrate away from SHA-1 and the SHA-1 deprecation policy from Microsoft, the industry must start to make some progress in 2014.
Blog

By Bruce Morton

December 05, 2016

 If you have yet to migrate to SHA-2, check out Entrust Datacard’s SHA-2 Migration Guide. It will help you plan and execute a successful SHA-2 migration to avoid extra costs, eliminate service disruptions and ensure compliance.
Blog

By Bruce Morton

April 06, 2017

Entrust Datacard Stops Issuing SHA-1 Certificates
Blog

By Sandra Carielli

December 11, 2017

How do you explain to your business the risk of continuing to use SHA-1 certificates?
Page 1 of 4