On 03/10/2011 09:17 AM, Stephen John Smoogen wrote:
> On Thu, Mar 10, 2011 at 01:07, Petr Pisar <ppi...@redhat.com> wrote:
>> On 2011-03-10, Stephen Smoogen <smo...@gmail.com> wrote:
>>> We have already updated fedorahosted.org and will now be updating the
>>> cert for the main site: fedoraproject.org.
>>>
>>> The old certificate came from Equifax, was a 1024 bit key and had the
>>> fingerprint:
>> [...]
>>> The new certificate is issued by GeoTrust, Inc and is a 4096 bit key
>>> with the fingerprint:
>>>
>> Key length is not everything. Didn't you forget to upgrade the hash
>> algorithm? Sticking with SHA-1, which has been abandoned by ETSI and other
>> authorities, does not look very safe.
> From my research, to use SHA-2 in TLS requires the user and server
> to be both able to talk TLS-1.2. From what I found at wikipedia
> (http://en.wikipedia.org/wiki/Transport_Layer_Security) Firefox does
> not support 1.2 (only Opera and IE8 do).
There is more than one use for SHA-1/SHA-2. TLS uses SHA-1 as an
HMAC. SHA-1 is still strong for such use (though prudence would
encourage one to move off of SHA-1 even for this operation).

SHA-1 is also used in the certificate. That, in theory, doesn't require
TLS 1.2, though only TLS 1.2 includes protocol to tell servers what
hashing algorithms the clients support, so in a strict sense only TLS 1.2
tells you whether or not it's safe to use a cert with something other
than SHA-1 or MD5. Most modern browsers will support SHA-2 algorithms in
the certificate (even when using SSL3 to TLS 1.x). The notable
exceptions are versions of Windows older than Windows XP service patch 3,
and several older phones.

Many CAs are apparently starting to move to SHA-256 roots this year,
mostly driven by NIST standards.

bob



-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel