
SHA-1 Deprecation: No Browser Left Behind - jgrahamc
https://blog.cloudflare.com/sha-1-deprecation-no-browser-left-behind
======
discreditable
I understand that people who have not upgraded risk being cut off from the
web, but I can't help but wonder if this action compromises the safety of
everyone else just to save those people. If there's a state which can forge a
SHA-1 certificate for MITM, how hard is it for them to abuse this fallback
feature to compromise modern clients?

~~~
jvehent
Soon enough, modern browsers will deprecate SHA-1, rendering this attack
mostly impossible.

