SungHoon_Kim

SHA1 Certificates being phased out (deprecated)

Blog Post created by SungHoon_Kim Employee on Nov 25, 2015

http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-ti…

Snippet from the link above:

Enforcement details

 

(Columns of the original table: Certificate Type / Windows Behavior / Microsoft Policy)

TLS certificates
  Windows behavior: Certificates signed with SHA-1 will be blocked after 1/1/2017.
  Microsoft policy: CAs must move all new certs to SHA-2 after 1/1/2016.

Code signing certificates
  Windows behavior: On Win 7 and above, blocked on 1/1/2020 if time-stamped before 1/1/2016; otherwise blocked after 1/1/2016 for Mark of the Web files.
  Microsoft policy: CAs should issue new code signing certs with SHA-1 after 1/1/2016 only for developers targeting Vista/2008; otherwise move all new certs to SHA-2.

S/MIME certificates
  Windows behavior: No OS-specific policies; application policies apply.
  Microsoft policy: CAs are recommended to move to SHA-2.

Time-stamping certificates
  Windows behavior: No changes until a SHA-1 preimage is possible.
  Microsoft policy: CAs must issue new TS certs with SHA-1 after 1/1/2016 only for developers targeting Vista/2008; otherwise move all new certs to SHA-2.

OCSP signing and CRL signing certificates
  Windows behavior: No changes until a SHA-1 preimage is possible.
  Microsoft policy: No changes until a SHA-1 preimage is possible.

OCSP signatures
  Windows behavior: On Windows 10 and above, for certificates with the Must Staple extension, SHA-1 signatures will not be accepted after 1/1/2016. On Windows 10 and above, SHA-1 signatures will not be accepted for any TLS certificate after 1/1/2017.
  Microsoft policy: CAs should move to using SHA-2 starting 1/1/2016 for SHA-2 TLS certificates. CAs should prepare to move to SHA-2 for all TLS certificates by 1/1/2017.

CRL signatures
  Windows behavior: No changes until a SHA-1 preimage is possible.
  Microsoft policy: No changes until a SHA-1 preimage is possible.

Code signing signatures
  Windows behavior: No changes until a SHA-1 preimage is possible.
  Microsoft policy: No changes until a SHA-1 preimage is possible.

Time-stamp signatures
  Windows behavior: On Win 10 and above, blocked on 1/1/2017 for Mark of the Web files.
  Microsoft policy: CAs should move to using SHA-2 starting 1/1/2016.

 

Schedule

 

(Each period of the original table has two columns: what CAs may issue, and what Windows trusts)

TLS Certificates
  Now -> 12/31/2015:  CAs can issue SHA-1 and SHA-2.  Windows: SHA-1 and SHA-2 are supported.
  1/1/2016 ->:        CAs must issue SHA-2 only.  Windows: no change.
  1/1/2017 ->:        CAs: no change.  Windows trusts SHA-2 only.

Code Signing Certificates
  Now -> 12/31/2015:  CAs can issue SHA-1 and SHA-2.  Windows: SHA-1 and SHA-2 are supported.
  1/1/2016 ->:        CAs SHOULD issue SHA-2 only, unless the developer is targeting Vista and Server 2008 (for them, CAs MAY issue SHA-1).  Windows trusts SHA-1 (if time-stamped prior to 1/1/2016) and SHA-2 (any timestamp) for Mark of the Web files. (Note: no kernel mode enforcement.)
  1/1/2017 ->:        CAs: no change.  Windows: no change.

Timestamp Certificates
  Now -> 12/31/2015:  CAs can issue SHA-1 and SHA-2.  Windows: SHA-1 and SHA-2 are supported.
  1/1/2016 ->:        CAs SHOULD issue SHA-2 only, unless the developer is targeting Vista and Server 2008 (for them, CAs MAY issue SHA-1).  Windows: no change.
  1/1/2017 ->:        CAs: no change.  Windows: no change.

S/MIME Certificates
  Now -> 12/31/2015:  CAs can issue SHA-1 and SHA-2, although Microsoft recommends SHA-2.  Windows: SHA-1 and SHA-2 are supported.
  1/1/2016 ->:        CAs: no change.  Windows: no change.
  1/1/2017 ->:        CAs: no change.  Windows: no change.

OCSP and CRL Signing Certificates
  Now -> 12/31/2015:  CAs can issue SHA-1 and SHA-2.  Windows: SHA-1 and SHA-2 are supported.
  1/1/2016 ->:        CAs: no change.  Windows: no change.
  1/1/2017 ->:        CAs: no change.  Windows: no change.

OCSP Signatures
  Now -> 12/31/2015:  CAs can sign OCSP responses with SHA-1 and SHA-2.  Windows: SHA-1 and SHA-2 are supported.
  1/1/2016 ->:        CAs SHOULD sign OCSP responses with SHA-2 only.  Windows no longer trusts OCSP signatures made with SHA-1 for certificates with the Must Staple extension.
  1/1/2017 ->:        CAs: no change.  Windows no longer trusts OCSP signatures made with SHA-1 for any TLS certificate.

CRL Signatures
  Now -> 12/31/2015:  CAs can sign CRLs with SHA-1 and SHA-2.  Windows: SHA-1 and SHA-2 are supported.
  1/1/2016 ->:        CAs: no change.  Windows: no change.
  1/1/2017 ->:        CAs: no change.  Windows: no change.
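The tables say which certificates Windows will stop trusting, but not how to find them in your own estate. "Signed with SHA-1" refers to the certificate's outer signatureAlgorithm field (the AlgorithmIdentifier that follows tbsCertificate in the DER structure), so the check is a few bytes of ASN.1 rather than anything hash-specific. The script below is an added example for this post, not code from Microsoft, Mozilla or the Gotham article: it reads that field from a DER certificate with the standard library only, maps the OID to a hash family, and applies the TLS cutoff date from the enforcement table. The two sample "certificates" are constructed placeholders (filler tbsCertificate, real AlgorithmIdentifier, dummy signature) so the example runs offline; the function and constant names are mine.

```python
"""Find SHA-1-signed certificates and apply the Windows TLS cutoff from the
table above. Added example, standard library only; not code from Microsoft
or the linked articles. The sample "certificates" are constructed minimal
DER structures (filler tbsCertificate, real AlgorithmIdentifier, dummy
signature); the same check runs unchanged on exported .cer files."""
from datetime import date

# Signature-algorithm OIDs (RFC 3279, RFC 4055, RFC 5758) -> hash family.
SIG_ALG_HASH = {
    "1.2.840.113549.1.1.5": "SHA-1",    # sha1WithRSAEncryption
    "1.2.840.10045.4.1": "SHA-1",       # ecdsa-with-SHA1
    "1.2.840.113549.1.1.11": "SHA-2",   # sha256WithRSAEncryption
    "1.2.840.113549.1.1.12": "SHA-2",   # sha384WithRSAEncryption
    "1.2.840.113549.1.1.13": "SHA-2",   # sha512WithRSAEncryption
    "1.2.840.10045.4.3.2": "SHA-2",     # ecdsa-with-SHA256
    "1.2.840.10045.4.3.3": "SHA-2",     # ecdsa-with-SHA384
}
TLS_SHA1_BLOCKED_FROM = date(2017, 1, 1)   # "blocked after 1/1/2017" in the table above

def _read_tlv(buf, pos):
    """Return (tag, content, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                        # long form: low bits = number of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def _decode_oid(raw):
    """Decode OBJECT IDENTIFIER content octets to dotted form."""
    arcs, value = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:                     # last base-128 octet of this arc
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def signature_algorithm_oid(cert_der):
    """OID of the outer signatureAlgorithm of a DER Certificate:
    SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }."""
    tag, body, _ = _read_tlv(cert_der, 0)
    if tag != 0x30:
        raise ValueError("not a SEQUENCE")
    _, _, pos = _read_tlv(body, 0)           # skip tbsCertificate
    tag, alg_id, _ = _read_tlv(body, pos)    # AlgorithmIdentifier
    oid_tag, oid, _ = _read_tlv(alg_id, 0)
    if tag != 0x30 or oid_tag != 0x06:
        raise ValueError("malformed AlgorithmIdentifier")
    return _decode_oid(oid)

def tls_cert_status(cert_der, today):
    """'ok', 'deprecated', 'blocked' or 'unknown' for a TLS cert on a given day (date or ISO string)."""
    if isinstance(today, str):
        today = date.fromisoformat(today)
    family = SIG_ALG_HASH.get(signature_algorithm_oid(cert_der), "unknown")
    if family == "SHA-1":
        return "blocked" if today >= TLS_SHA1_BLOCKED_FROM else "deprecated"
    return "ok" if family == "SHA-2" else "unknown"

# --- constructed sample input (placeholders, not real certificates) ------------

def _der(tag, content):
    """One DER TLV; long-form length once content exceeds 127 bytes."""
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    len_bytes = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(len_bytes)]) + len_bytes + content

def _encode_oid(dotted):
    """Encode a dotted OID to its DER content octets."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return bytes(out)

def fake_certificate(sig_oid):
    """Placeholder Certificate whose signatureAlgorithm is sig_oid. The filler
    tbsCertificate is >127 bytes so the outer length is long-form, as in real certs."""
    tbs = _der(0x30, _der(0xA0, _der(0x02, b"\x02")) + _der(0x04, b"\x00" * 200))
    alg = _der(0x30, _der(0x06, _encode_oid(sig_oid)) + _der(0x05, b""))
    sig = _der(0x03, b"\x00" + b"\xAB" * 32)
    return _der(0x30, tbs + alg + sig)

SHA1_CERT = fake_certificate("1.2.840.113549.1.1.5")      # sha1RSA
SHA256_CERT = fake_certificate("1.2.840.113549.1.1.11")   # sha256RSA

if __name__ == "__main__":
    for name, cert in (("sha1RSA", SHA1_CERT), ("sha256RSA", SHA256_CERT)):
        print(name, signature_algorithm_oid(cert),
              tls_cert_status(cert, "2016-06-01"), tls_cert_status(cert, "2017-01-01"))
```

To scan a real export, read each .cer file as bytes and pass it to signature_algorithm_oid; on a Windows host the same field is exposed as the SignatureAlgorithm property of X509Certificate2 objects in the Cert: drive. One caveat the table does not spell out: the self-signature on a trusted root is not verified during chain building, so a SHA-1 root in the trust store is not itself a problem; what matters is the signature on each intermediate and leaf below it.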


Another source on the same deprecation:

https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/


This article explains how to migrate a corporate Microsoft Certificate Authority from SHA-1 to SHA-2:

How to Prepare Your Microsoft PKI Infrastructure for the Deprecation of the SHA1 Hash Algorithm | The Gotham Blog
