Skip to content

SHA1 deprecation step 1: treat new SHA1 certificates as insecure #46

@ameshkov

Description

@ameshkov

The same as here:
AdguardTeam/AdguardForWindows#730

https://googleonlinesecurity.blogspot.com/2015/12/an-update-on-sha-1-certificates-in.html
https://blog.mozilla.org/security/2015/10/20/continuing-to-phase-out-sha-1-certificates/

TL;DR:
Do not filter SSL connection if a SHA-1 certificate is issued after January 1, 2016.
We should also add a code for step 2 also (stop accepting all SHA-1 certificates after January 1, 2017).

Metadata

Metadata

Assignees

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions