[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

The SHA1 sunset

From: Lars Magne Ingebrigtsen
Subject: The SHA1 sunset
Date: Sun, 03 Jan 2016 10:55:36 +0100
User-agent: Gnus/5.130014 (Ma Gnus v0.14) Emacs/25.1.50 (gnu/linux)

SHA1 is considered to be likely to be "broken" sometime this year (i.e.,
the NSA will be able to create SHA1 collisions that may enable them to
issue SHA1 certificates to themselves at will for any domain (some
people are very sceptical of this claim)), so I've added warnings about
SHA1 certificates to the "high" `network-security-level' setting in
Emacs 25.1 now.

Other browser makers have announced their intention to refuse to make
any TLS connection using SHA1-signed certificates on January 1st, but
I'm not sure whether they actually went through with this?

We might consider at some point in the future to move this check to the
"medium" (default) setting.

(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

reply via email to

[Prev in Thread] Current Thread [Next in Thread]