Today, November 24, 2016, Debian developer and Ubuntu member Julian Andres Klode announced that he plans on turning off SHA1 support for APT repositories starting January 1, 2017.As you might know, or not, the long-awaited deprecation of the SHA-1 (Secure Hash Algorithm 1) encryption, which is used to verify digital content, CRLs (certificate revocation lists), and digital certificates, is set for the first day of January 2017 worldwide, which might affect you browser the Internet.
But by SHA-1 encryption is also used to sign the APT (Advanced Package Tool) repositories of Debian-based operating systems, including the popular Ubuntu and Linux Mint, and it looks like these SHA-1-signed repos will be automatically rejected by APT in Ubuntu 16.04 LTS (Xenial Xerus) and Ubuntu 16.10 (Yakkety Yak).
"We already turned this off for fields inside the (meta) index files, this step now involves rejecting SHA1-based GPG signatures as well," explains Julian Andres Klode in t... (read more)
from Softpedia News / Linux http://ift.tt/2g6iaNO
via IFTTT
No comments:
Post a Comment