
assurance - Re: [Assurance] Assurance and SHA-1/SHA-2

  • From: "Joe St Sauver" <>
  • To:
  • Subject: Re: [Assurance] Assurance and SHA-1/SHA-2
  • Date: Thu, 1 May 2014 17:36:56 -0700 (PDT)

Hi,

Tom followed up to a question from
,
who'd asked:

#> Compliance Concerns: Discussion on this list indicated concern about
#> browser support of SHA-2, especially for older browsers.
#> (http://www.digicert.com/transitioning-to-sha-2.htm contains a list of
#> browser compatibility)
#
#I'll let Joe respond to this one since he's on top of what's happening
#in the browser CA community.

Since Tom called me out by name, happy to address this. :-)

All remotely-current browsers and operating systems currently support SHA-2.

The biggest risks are likely some non-browser application that may be
coded with an out-of-date crypto library, as noted in
https://casecurity.org/2013/12/16/sha-1-deprecation-on-to-sha-2/
or people who are, shall we say, "running with scissors" [cough]
by continuing to use ancient operating systems or ancient browsers
for security sensitive applications, neither of which are very good
ideas.

That said, every site needs to do its own due diligence when it comes to
evaluating its local readiness to go to SHA-2 -- don't take my word for
it, *check* your own systems and applications.

Begin by carefully reviewing your servers, applications and browsers to
ensure that everything's current and compatible with SHA-2.

-- As I've mentioned previously elsewhere, my favorite SSL/TLS server
testing application for onesie-twosie tests is this one, from Qualys:

https://www.ssllabs.com/ssltest/ (note the tick box below the URL
entry box, in the event that you want to be able to get a quick checkup
w/o broadcasting your results to the world)

-- There's also an experimental SSL/TLS *client* tester available, see

https://www.ssllabs.com/ssltest/viewMyClient.html (signature
algorithms are reported down near the bottom of the page)

You can run that to see how your browser of choice looks.

-- If you've got an application that's using certs on a non-standard
port, such as perhaps an SMTP server, IMAPS server, etc., you may also
want to know about the Comodo SSL testing application, which allows you
to specify a non-standard port (e.g., using FQDN:portnumber) -- see:

https://sslanalyzer.comodoca.com/

-- If you have servers that log user agent strings, you may also want
to give those logs a look, although note that some people may use
a user-agent-switcher plugin to intentionally obfuscate their actual
choice of browser, so take those logs with a grain of salt.

Finally, current plans are for InCommon to begin phasing in support
for SHA-2 for those subscribing to the InCommon Certificate Service
later this year (this will likely be in the form of an opt-in toggle
that will let you pick SHA-1 or SHA-2 when ordering a cert via the
Comodo Certificate Manager).

One more quick note for those who are Certificate Service subscribers:
we've heard from a couple of folks interested in SHA-2-related crypto
who may actually want not just SHA-2, but the FULL RFC 6460 Suite B
Profile for TLS, as standardized in https://tools.ietf.org/html/rfc6460
(yes, one of the authors for that standard is from the NSA, make of
that what you will).

Because Suite B uses elliptic curve crypto, Suite B compatible certs
need to be issued from an ECC root. Fortunately, one of the four (4)
elliptic curve cert roots that's currently part of the default
trust anchor set in Firefox belongs to Comodo, see the spreadsheet linked
from
http://www.mozilla.org/en-US/about/governance/policies/security-group/certs/included/
(search the spreadsheet for ECC to find those four entries)

Comodo has indicated that they're willing to allow InCommon
Certificate Service users to get Suite B-compatible certificates
that chain from that ECC root (thank you, Comodo!), but since that
root is an extended validation root, you'll need to jump through
all the normal extended validation paperwork hoops if you'd like
to do so (and be sure you emphasize as part of your application
for that cert that you need a cert issued off the Comodo ECC root).

Any questions, feel free to drop me a note off-list at


Thanks, and have a nice night,

Regards,

Joe

Joe St Sauver, Ph.D.
InCommon Certificate Program Manager (under contract through UO)
http://pages.uoregon.edu/joe/


