Insights and Outlooks from the Digital Identity Market Leader

SHA-1 has been in the news (again). We’ve all known that the SHA-1 hash function is cryptographically weak. In fact, CSS has been pointing out the weaknesses of SHA-1 for years now. Time's Up for SHA-1, CSS' Suggested Migration Pa [...]

Many of you know that the cryptographic hash algorithm SHA-1 is in the process of being deprecated, due primarily to the hashing algorithm’s susceptibility to collision attacks. I first wrote about this back in 2011: http://blog.c [...]

By now, you may have already heard that Microsoft will start deprecating trust in certificates with SHA-1 signatures in 2016. In our view, this is a prudent move by Microsoft. We've long known that SHA-1 was weakening, and showing [...]

As many know, the cryptographic hash function known as Secure Hash Algorithm 1 (SHA-1) has been deemed weak by NIST, and is no longer recommended. The NSA addressed the weaknesses in SHA-1 by publishing the SHA-2 hash function sta [...]

Recently, while working on a Microsoft Network Device Enrollment Services (NDES) deployment, a client asked a simple-enough question about the thumbprint for the Certificate Authority (CA) certificate that was displayed on the NDE [...]

SHA-1 is a widely adopted hash algorithm that can no longer be considered trustworthy. Current PKI design analysts must weigh the benefits of implementing SHA-2 verses the compatibility problems associated with its adoption. This [...]