Mozilla has warned Firefox users they may be cut off from more of the web than expected – now that the browser rejects new HTTPS certificates that use the weak SHA-1 algorithm. If you use Firefox with some antivirus products, or on a network fitted with a box that inspects traffic for malicious stuff, and visit a site that uses an old crummy SHA-1-signed SSL cert, the browser will refuse to access that website. Firefox rejects SHA-1-signed certificates issued since the end of 2015 because the hashing algorithm is problematic: an eavesdropper could tamper with the cert to spy on you, and you’d never know, for example.
View full story
ORIGINAL SOURCE: The Register