DigiCert Blog

All posts under: Announcements

  1. Mozilla to Add SHA-1 Security Warnings

    Yesterday Mozilla announced that they too will discontinue trust in sites secured with SHA-1 certificates and will be adding a warning to both the Firefox Web Console and browser starting next year. In their blog post, Mozilla explained the security situation with SHA-1 and stated that they agreed with Microsoft and Google that SHA-1 certificates…


  2. What Is SHA-2 and How the SHA-1 Deprecation Affects You

    SSL Announcement

    SSL pulse currently reports that only 15% sites use SHA-256 certificates as of September 2014. Microsoft announced last year that it would end trust for SHA-1 SSL Certificates after January 1, 2017 to address possible threats in the future. Earlier this month, Google announced they would be adding warning indicators for sites using SHA-1 certificates expiring after…


  3. Google Ending Trust for SHA-1 SSL Sites, How it Affects You

    SHA-1 Online Error

    Google and Microsoft have both announced that they would end support for the SHA-1 hashing function used in a majority of SSL Certificates online at a later date, giving the 85% sites that still use SHA-1 certificates time to plan their migration to SHA-256. However, last week Google announced that they were accelerating their SHA-1 deprecation plan by adding…


  4. Firefox 32 Supports Public Key Pinning

    On September 2, Mozilla launched Firefox 32 for Windows, Mac, Linux, and Android. This new version of Firefox includes support for Public Key Pinning (PKP), adding another layer of security for Firefox users by ensuring they connect to their intended site. PKP is a way for sites to indicate which Certificate Authorities (CAs) have issued…


  5. FBCA Cross-Signing Authority Now Required for Directed Exchange

    Safeguarding user privacy and security is key to the success of healthcare information exchange. In recognition of this fact, the federal government issued a recommendation that agencies implementing Direct are required to use Federal Bridge Certification Authority (FBCA) cross-certified certificates for non-federal organizations exchanging electronic health records (EHRs) with federal agencies. For at least the…