Morning Internals,

I plan to distrust SHA-1 certificates by default in PHP 7.2. All major
browsers will no longer trust SHA-1 certificates, already starting on
2017-01-01.

Unfortunately, PHP doesn't even provide a way yet to limit the accepted
algorithms for certificates. The RFC fixes that and introduces new defaults
for PHP 7.2. The "signature_algorithms" context option will also be
backported to PHP 5.6, which is only supported until the end of 2016 with
regular releases, but after that there will be two more years of
security-only updates. Therefore I'd like to get this done before the end
of 2016.

Currently the RFC aims for BC and doesn't restrict the algorithms on older
versions. As all major browsers start distrusting those certificates on
2017-01-01 I'm not sure whether that's the correct choice. I'd like to go
secure-by-default there and disable SHA-1 also on older versions. People
who really need longer can always opt out and add the needed algorithms
again. Unfortunately, we didn't announce any plans regarding SHA-1 yet, so
this might be a bit last-minute.

You can read the full RFC in the wiki:
https://wiki.php.net/rfc/distrust-sha1-certificates

Regards, Niklas
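
As an added illustration (not code from the RFC or from PHP itself): without a context option such as the proposed "signature_algorithms", a client can only inspect the peer chain after the handshake, using the existing `capture_peer_cert_chain` option and `openssl_x509_parse()`. The helper names and the `demo.invalid` certificates are assumptions constructed for this sketch.

```php
<?php
// Added example, not code from the RFC; helper names are hypothetical.
/** Short name of the certificate's signature algorithm, e.g. "RSA-SHA1". */
function signatureAlgorithm($cert): string
{
    $info = openssl_x509_parse($cert);
    if ($info === false || empty($info['signatureTypeSN'])) {
        throw new RuntimeException('Unable to parse certificate');
    }
    return $info['signatureTypeSN'];
}

/** True when the algorithm name contains MD5 or SHA-1 (SHA-2 names do not match). */
function usesWeakDigest(string $algorithm): bool
{
    return preg_match('/(md5|sha1)(?!\d)/i', $algorithm) === 1;
}

/**
 * Connect, capture the peer chain and list weakly signed certificates.
 * Self-signed roots are skipped: they are trusted by being in the CA store,
 * not by their own signature.
 */
function weakCertsInChain(string $host, int $port = 443): array
{
    $ctx = stream_context_create(['ssl' => ['capture_peer_cert_chain' => true]]);
    $fp = stream_socket_client("ssl://$host:$port", $errno, $errstr, 10,
        STREAM_CLIENT_CONNECT, $ctx);
    if ($fp === false) {
        throw new RuntimeException("TLS connect failed: $errstr");
    }
    $chain = stream_context_get_params($fp)['options']['ssl']['peer_certificate_chain'];
    $weak = [];
    foreach ($chain as $cert) {
        $info = openssl_x509_parse($cert);
        $alg = signatureAlgorithm($cert);
        if ($info['subject'] != $info['issuer'] && usesWeakDigest($alg)) {
            $weak[] = $info['name'] . ' => ' . $alg;
        }
    }
    fclose($fp);
    return $weak;
}

// Offline demo on certificates constructed here (self-signed, throwaway keys).
foreach (['sha256', 'sha1'] as $digest) {
    $key = openssl_pkey_new(['private_key_bits' => 2048]);
    $csr = openssl_csr_new(['commonName' => 'demo.invalid'], $key, ['digest_alg' => $digest]);
    $cert = $csr ? openssl_csr_sign($csr, null, $key, 1, ['digest_alg' => $digest]) : false;
    $alg = $cert ? signatureAlgorithm($cert) : null;
    echo $digest, ': ', $alg === null ? "signing refused by this OpenSSL build\n"
        : $alg . (usesWeakDigest($alg) ? " => reject\n" : " => accept\n");
}
```

Signatures such as RSASSA-PSS carry the digest in their parameters rather than in the short name, so this name-based check does not classify them.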
