
SHA-1 Deprecation: No Browser Left Behind - jgrahamc
https://http2.cloudflare.com/sha-1-deprecation-no-browser-left-behind/
======
PhantomGremlin
That MSIE image shows exactly what's wrong with this approach. The message is
far too general. It _should_ say something like

    
    
       the browser attempted to make a secure connection to ...
       but the browser and the website were unable to agree
       on the protocol ...
    

Saying "click the refresh button" doesn't help in this situation, and the
browser _knows_ it.

I'm not a UI expert. Someone smarter than me would doubtlessly phrase it much
better than I did. The point is, the error message should be much more
specific than it is.

~~~
prdonahue
Unfortunately, the browser does not "know it". This is IE6 on Windows XP SP2.
That browser is quite old and wasn't build with SHA-2 support, hence the
inability to validate the certificate presented by Google.

