Has anyone figured out if we should expect a flood of customer calls on
January 1 related to deprecation of SHA-1 certificates?
I keep seeing articles predicting Internet doomsday on January 1, 2016. But
it looks to me like that's just the date CA's stop issuing new SHA-1 certs
and browsers will not accept SHA-1 certs ISSUED after January 1, which
shouldn't happen anyway. And that January 1, 2017 (or possibly earlier) is
when OS and browser vendors may stop accepting older SHA-1 certs.
So wouldn't that be the date when we start getting customer calls, not
January 1?
Of course, I'm making the assumption that if a site that used to work now
gets an error message, customers will call us assuming "the tower is down"
or "my ISP is blocking sites". Who else are they going to call? Google?
Microsoft? The site owner who didn't get an updated cert?
https://googleonlinesecurity.blogspot.ro/2015/12/an-update-on-sha-1-certificates-in.html
- [AFMUG] SHA-1 certs and January 1 Ken Hohhof
-