powerpoint presentation...microsoft's windows root certification program ... 9. title...
TRANSCRIPT
•
•
•
•
•
•
•
•
•
•
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
https://technet.microsoft.com/en-us/library/security/3033929.aspx
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪https://cabforum.org/
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
Three Phases
▪ Phase 1▪ “TLS lock icon” will not appear on “public” SHA-1 signed TLS certificates in IE/Edge
▪ Took effect in 2016
▪ Phase 2▪ IE/Edge will present warning message for SHA-1 signed TLS certificates in IE/Edge
▪ Planned to take effect in mid-2017
▪ Phase 3▪ No date yet announced, behavior not announced, but expected to be further rejection of SHA-1
signed certificates (and possibly more)
▪ Only for TLS certificates issued by/chained to CAs in Microsoft's Windows Root Certification program ▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
1.
2.
3.
4.
5.
6.
7.
8.
9.
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪
▪