14 DAY TRIAL // Twitter has joined Facebook and CloudFlare in petitioning the CA/B forum to address the issue of a hastened and improperly regulated SHA-1 deprecation process for older devices/browsers, which might leave millions of Internet users without a way to access secure HTTPS websites.
The whole SHA-1 "end of the world" scare started after a group of researchers proved that cracking SHA-1 algorithms might be easier and cheaper than previously estimated.
This led browser makers like Mozilla, Microsoft, and Google to announce a quicker timeline for marking SHA-1-signed SSL/TLS certificates (used for HTTPS connections) as insecure in their browsers, and eventually preventing connections from being made to sites that use these outdated certificates.
While browser makers were initially lauded for their quick responses, major Internet services answered a few weeks later, when they understood what this really meant.
The "Welcome to the Internet, All Browsers Welcome" initiative
The first to sound the alarm was CloudFlare, one of the Internet's biggest CDNs (content delivery networks), who was quickly backed up by Facebook.
According to their claims, around 37 million users are still using outdated devices and browsers, incapable of supporting the more secure SHA-2 certificates, to which the CA/B forum is trying to upgrade service providers (and indirectly users).
The two proposed a plan that would allow CAs (Certificate Authorities) to continue to issue new SHA-1 certificates, but only to site operators that prove that they operate their service via SHA-2 primarily. The SHA-1 certificates are to be used only as a backup, for users that for economical or technical reasons cannot use a device/browser capable of supporting SHA-2.
Twitter is the latest major Internet service to adhere to this initiative, mainly because between 3 and 6% of its userbase still uses such older devices/browsers.
Since there are sites that operate fully and only via HTTPS, as more Web services realize that transitioning to SHA-2 would mean losing quite a chunk of their userbase, expect more of them to join this initiative.
