As sites move to SHA2 encryption, millions face HTTPS lock-out

[Chiefcrowe]

http://www.zdnet.com/article/as-sha1-winds-down-sha2-leap-will-leave-millions-stranded

 

[John Connor]

Okay, my website has two fingerprints in the SSL Cert. SHA256 and SHA1. Wouldn't SHA256 be better than SHA2? I don't understand this terminology.

 

[mikeymikec]

XP SP2? The latest version of Firefox apparently installs on it... I'm failing to see a problem here. Surely the advancements in HTML/CSS standards have locked out more users?

What about Windows 98 users, you insensitive jerks! It was the best version of Windows EVAR!

 

[Chiefcrowe]

Well, you should be good because:

"The SHA-2 family consists of six hash functions with digests (hash values) that are 224, 256, 384 or 512 bits: SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256."

Okay, my website has two fingerprints in the SSL Cert. SHA256 and SHA1. Wouldn't SHA256 be better than SHA2? I don't understand this terminology.

 

[John Connor]

Interesting. I just don't understand the terminology. --->SHA2--->SHA256.

 

[unokitty]

Interesting. I just don't understand the terminology. --->SHA2--->SHA256.

NIST's Policy on Hash Functions
August 5, 2015

SHA-1: Federal agencies should stop using SHA-1 for generating digital signatures, generating time stamps and for other applications that require collision resistance. Federal agencies may use SHA-1 for the following applications: verifying old digital signatures and time stamps, generating and verifying hash-based message authentication codes (HMACs), key derivation functions (KDFs), and random bit/number generation. Further guidance on the use of SHA-1 is provided in SP 800-131A.

SHA-2 (i.e., SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224 and SHA-512/256): Federal agencies may use these hash functions for all applications that employ secure hash algorithms. NIST encourages application and protocol designers to implement SHA-256 at a minimum for any applications of hash functions requiring interoperability. Further guidance on the use of SHA-2 is provided in SP 800-57 Part 1, section 5.6.2 and SP 800-131A.

A little more info here SHA-2.

Don't know if the above helps or not...

Uno

 

[John Connor]

Well, since my site is using SHA256, and I can access the site with Pale Moon, Chrome, Cyberfox and Firefox 28, as well as seeing visitors with smart devices access the site. I think this idea that SHA-2 being a problem is a mute point.

 

[Dude111]

What about Windows 98 users, you insensitive jerks! It was the best version of Windows EVAR!

Well early version of firefox WILL RUN on Win98se but FF is not as good as IE6 I have tried it...

You wouldnt believe all the customisation I can do with sites with IEs compatibility mode! (I dont need any add-ons to do it,all I need is a seperate CSS file to run) that and having MyIE2 lets me do an unreal amount of things I couldnt do with any other browsers... (Not as easy anyway (If @ all))

I have said this on other sites and Ill say it here also.. All this SSL crap is to try and force ppl OFF OLDER BROWSERS,etc... THAT THEY CANT USE TO SPY ON PPL WITH!!

 

[Crusty]

Well early version of firefox WILL RUN on Win98se but FF is not as good as IE6 I have tried it...

You wouldnt believe all the customisation I can do with sites with IEs compatibility mode! (I dont need any add-ons to do it,all I need is a seperate CSS file to run) that and having MyIE2 lets me do an unreal amount of things I couldnt do with an other browsers... (Not as easy anyway (If @ all))

I have said this on other sites and Ill say it here also.. All this SSL crap is to try and force ppl OFF OLDER BROWSERS,etc... THAT THEY CANT USE TO SPY ON PPL WITH!!

I really hope this is a joke post... :thumbsdown:

 

[John Connor]

He's renowned Internet wide for posting conspiratorial non-sense. He's also a 9/11 truther, so there you go. I do believe he still uses Windows 98se. Not sure.

It's not a conspiracy to make people use updated browsers, "Dude." It's all in the cracking ability of the hash, yo!