Insights and Outlooks from the Digital Identity Market Leader

Mar 22, 2017 11:41:01 AM
SHA-1 has been in the news (again). We’ve all known that the SHA-1 hash function is cryptographically weak. In fact, CSS has been pointing out the weaknesses of SHA-1 for years now. Time's Up for SHA-1, CSS' Suggested Migration Pa [...]
Oct 9, 2015 12:45:15 PM
Many of you know that the cryptographic hash algorithm SHA-1 is in the process of being deprecated, due primarily to the hashing algorithm’s susceptibility to collision attacks. I first wrote about this back in 2011: http://blog.c [...]
Dec 10, 2013 4:47:24 AM
By now, you may have already heard that Microsoft will start deprecating trust in certificates with SHA-1 signatures in 2016. In our view, this is a prudent move by Microsoft. We've long known that SHA-1 was weakening, and showing [...]
Oct 4, 2012 8:16:30 AM
As many know, the cryptographic hash function known as Secure Hash Algorithm 1 (SHA-1) has been deemed weak by NIST, and is no longer recommended. The NSA addressed the weaknesses in SHA-1 by publishing the SHA-2 hash function sta [...]
Feb 21, 2012 6:00:32 AM
Recently, while working on a Microsoft Network Device Enrollment Services (NDES) deployment, a client asked a simple-enough question about the thumbprint for the Certificate Authority (CA) certificate that was displayed on the NDE [...]
Apr 18, 2011 5:00:16 AM
SHA-1 is a widely adopted hash algorithm that can no longer be considered trustworthy. Current PKI design analysts must weigh the benefits of implementing SHA-2 verses the compatibility problems associated with its adoption. This [...]