Confirm, administrator
5,526
edits
Changes
m
→SHA-1 Certificates
CAs should not be issuing new SHA-1 certificates, and should be migrating their customers off of SHA-1 intermediate and end-entity certificates.
If a CA still needs to issue SHA-1 certificates for compatibility reasons, then those SHA-1 certificates should expired expire before 2017.
=== Generic names for CAs ===
