A new year brings hope for starting the next 12 months with a clean slate. However, it may also start with an increase in help desk calls. That’s because Google is determined the next version of its Chrome browser — to be released early in the year — will begin its program of blocking unsecure SHA-1 certificates used to verify HTTPS Web sites.
It will start with blocking new SHA-1 certificates, and then in the summer Chrome will block all of them. Chrome 48, coming shortly, will display a certificate error if it encounters a site with an intermediate or leaf certificate that is signed with a SHA-1-based signature issued on or after January 1, 2016 and chains to a public certificate authority. Instead the browser will only recognize the newer and more secure SHA-256 certificates. Sites using new SHA-1 certificates that chain to local trust anchors (rather than public CAs) will continue to work without a certificate error.
But if a Chrome browser comes across a new SHA-1 certificate it will issue a warning like this:
Chrome isn’t alone in dropping support for SHA-1 certificates. Microsoft (Edge browser) and Mozilla (Firefox) will end support this summer as well.
However, ThreatPost.com notes that recently Facebook warned that tens of millions could be cut off from the Internet in January because up to 7 per cent of browsers in use do not support SHA-256. CloudFlare, a content delivery network, believes 37 million people could be affected. Facebook has proposed that the CA/Browser Forum delay implementation of the SHA-1 rules create a new Legacy Verified certificate that would issued to organizations that have made SHA-256 certificates available to modern browsers.
It’s not a theoretical worry: Even Google recalls that when Chrome disabled the MD5 algorithm used in a wide variety of cryptographic applications, a number of enterprises, schools, and small businesses were affected when their proxy software continued to use the insecure algorithms had had to rush out updates. Some personal firewall software were also affected.
While Chrome 48 will issue a warning users can ignore once browsers completely block sites in the summer that have a SHA-1-based signature as part of the certificate chain (not including the self-signature on the root certificate) they will trigger a fatal network error. Google notes that Chrome uses the certificate trust settings of the host OS where possible, and that an update such as Microsoft’s planned change will cause a fatal network error in Chrome, regardless of Chrome’s intended target date.
Web site operators are being urged to immediately support SHA-2, drop support for non-RC4 cipher suites, and implement transport layer security (TLS) best practices.
Google announced in September that it would gradually sunset support for SHA-1.