-
Enhancement
-
Resolution: Unresolved
-
P2
-
None
RFC 9155 [1] deprecates the use of SHA-1 in TLS and DTLS 1.2 digital signatures. This does not affect SHA-1 in TLS server certificates, which has already been disabled.
Other TLS implementations have started deprecating this usage. Chrome 117 has removed support for signature algorithms using SHA-1 for server signatures during the TLS handshake [2]. OpenSSL changed its default security level to 2 in version 3.2.0, and this level disables SHA-1 TLS signatures.
[1] https://www.rfc-editor.org/rfc/rfc9155.html
[2] https://chromestatus.com/feature/4832850040324096
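One way an application can already stop offering and accepting SHA-1 handshake signatures on JDK 19 or later, as an added example (not code from this issue or from the JDK change it tracks): it filters the list passed to `SSLParameters.setSignatureSchemes`. The class name, the fallback allow-list and its order are assumptions of the example.

```java
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import java.util.Arrays;
import java.util.List;

public class NoSha1HandshakeSignatures {
    // Fallback allow-list of standard JSSE signature scheme names, used when the
    // parameters carry no explicit list. The selection and order are assumptions
    // of this example; no *_sha1 or *_md5 scheme is present.
    static final List<String> ALLOWED = List.of(
        "ecdsa_secp256r1_sha256", "ecdsa_secp384r1_sha384", "ecdsa_secp521r1_sha512",
        "ed25519", "ed448",
        "rsa_pss_rsae_sha256", "rsa_pss_rsae_sha384", "rsa_pss_rsae_sha512",
        "rsa_pss_pss_sha256", "rsa_pss_pss_sha384", "rsa_pss_pss_sha512",
        "rsa_pkcs1_sha256", "rsa_pkcs1_sha384", "rsa_pkcs1_sha512");

    // Returns the same SSLParameters with every SHA-1 (and MD5) scheme removed.
    static SSLParameters withoutSha1(SSLParameters params) {
        String[] current = params.getSignatureSchemes(); // null means provider defaults
        List<String> base = (current == null) ? ALLOWED : Arrays.asList(current);
        String[] filtered = base.stream()
            .filter(s -> !s.endsWith("_sha1") && !s.endsWith("_md5"))
            .toArray(String[]::new);
        if (filtered.length == 0) {
            // Fail closed rather than hand the provider an empty list.
            throw new IllegalStateException("no signature scheme left after removing SHA-1");
        }
        params.setSignatureSchemes(filtered);
        return params;
    }

    public static void main(String[] args) throws Exception {
        SSLEngine engine = SSLContext.getDefault().createSSLEngine();
        engine.setSSLParameters(withoutSha1(engine.getSSLParameters()));
        // Print the schemes this engine will use for handshake signatures.
        System.out.println(String.join(",", engine.getSSLParameters().getSignatureSchemes()));
    }
}
```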
- is blocked by
-
JDK-8349583 Add mechanism to disable signature schemes based on their TLS scope
-
- In Progress
-
- relates to
-
JDK-8301626 Capture Key Exchange information in TLSHandshakeEvent
-
- Open
-