Mozilla’s Security Engineering Team has announced that they are proactively phasing out the SHA-1 based signature algorithms for digital certificates, stemming from a concern that it too, like the MD5 hash algorithm, could be susceptible to collision attacks.
Here’s an excerpt from the official announcement:
SHA-1 is nearly twenty years old, and is beginning to show its age. In the last few years, collision attacks undermining some properties of SHA-1 have been getting close to being practical. Collision attacks against the older MD5 hash algorithm have been used to obtain fraudulent certificates, so the improving feasibility of collision attacks against SHA-1 is concerning. In order to avoid the need for a rapid transition should a critical attack against SHA-1 be discovered, we are proactively phasing out SHA-1.
We encourage Certification Authorities (CAs) and Web site administrators to upgrade their certificates to use signature algorithms with hash functions that are stronger than SHA-1, such as SHA-256, SHA-384, or SHA-512.
You may read the complete announcement here.
