These days, digital signatures, which use a mathematical approach, are widely used to verify and authenticate the validity and integrity of many digital properties such as websites, documents, software, communications and currencies using key pairs. They use digital signatures with hidden messages, usually in a hexadecimal format, connected securely to the keys of the signer, which can only be decrypted by its corresponding key in a recorded transaction. These documents can be signed (encrypted) by either private or public keys and decrypted by the corresponding public or private key, depending on which was used.
Digital certificates, meanwhile, are files or electronic passwords that embrace cryptographic hashes and public key infrastructure (PKI) to authenticate the validity of a device, server or user. Public key infrastructure governs the issuance of digital certificates to protect sensitive data, provide unique digital identities for users, devices and applications, and secure end-to-end communications, and is a widely acknowledged protocol for digital signatures.
Certification Authorities: SHA-256 is the Secure Hash Algorithm used as the preferred hash function to secure most digital documents. After the ban of SHA-1, since it is vulnerable to attacks, digital authorities switched to the SHA-256 hash and ECDSA, but I still wondered why Baltimore CyberTrust Root still issues SHA-1 with RSA encrypted hashes in its certificate to bitcointalk. RSA is secure, but how about SHA-1?
SHA-1 (Secure Hash Algorithm 1) dates back to 1995 and has been known to be vulnerable to theoretical attacks since 2005. The U.S. National Institute of Standards and Technology has banned the use of SHA-1 by U.S. federal agencies since 2010, and digital certificate authorities have not been allowed to issue SHA-1-signed certificates since Jan. 1, 2016.
How to check the certification of Bitcointalk
- A padlock at the right edge of the URL proves the validity of the site's certification and is a quick way to tell whether the site is certified or not. To check the validity documentation, click on the padlock at the edge of the URL.
- Next, tap on the certification to show the companies that issued the certification to the forum. This also applies to every website on the internet.
- There are three certifications for the forum address, each having its own unique certificate.
- Check the details of each certificate authority to view its certification.
- From there, scroll down to see the digital signature algorithm used by each certification authority.
Still wondering why this has to use SHA-1.
Always check for this padlock at the URL to ensure the sites you are visiting are well validated and secure and that they use the SHA-256 signature algorithm.
source:
link
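The per-certificate check from the steps above, as an added example that is not part of the original post: it reads the signature algorithm from each DER certificate in a chain and flags SHA-1 everywhere except on a self-issued root, because a root is trusted through the browser's root store and not through its own signature. The function names are this example's own, and the sample chain is constructed skeleton data, not real certificates.

```python
SIG_ALGS = {  # DER-encoded OID (hex) -> name; dotted form in the comments
    "2a864886f70d010105": "sha1WithRSAEncryption",    # 1.2.840.113549.1.1.5
    "2a864886f70d01010b": "sha256WithRSAEncryption",  # 1.2.840.113549.1.1.11
    "2a8648ce3d040302": "ecdsa-with-SHA256",          # 1.2.840.10045.4.3.2
}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def cert_info(cert_der):
    """Return (signature algorithm, issuer == subject) for one DER certificate."""
    _, cert, _ = read_tlv(cert_der, 0)  # Certificate ::= SEQUENCE
    _, tbs, pos = read_tlv(cert, 0)     # tbsCertificate
    _, alg, _ = read_tlv(cert, pos)     # signatureAlgorithm
    oid = read_tlv(alg, 0)[1].hex()
    fields, p = [], 0
    while p < len(tbs):  # serial, signature, issuer, validity, subject, ...
        tag, val, p = read_tlv(tbs, p)
        if tag != 0xA0:  # skip the optional [0] version field
            fields.append(val)
    return SIG_ALGS.get(oid, oid), fields[2] == fields[4]

def audit_chain(chain):
    """Flag SHA-1 except on a self-issued root (trusted via the root store)."""
    out = []
    for der in chain:
        alg, root = cert_info(der)
        sha1 = alg.startswith("sha1")
        out.append((alg, "weak" if sha1 and not root else "sha1-root" if sha1 else "no-sha1"))
    return out

def tlv(tag, body=b""):
    return bytes([tag, len(body)]) + body  # short-form length, enough for the samples

def sample(issuer, subject, oid_hex):  # constructed skeleton, not a valid certificate
    alg = tlv(0x30, tlv(0x06, bytes.fromhex(oid_hex)) + tlv(0x05))
    names = [tlv(0x30, tlv(0x0C, n.encode())) for n in (issuer, subject)]
    tbs = tlv(0x30, tlv(0x02, b"\x01") + alg + names[0] + tlv(0x30) + names[1])
    return tlv(0x30, tbs + alg + tlv(0x03, b"\x00"))

SHA1, SHA256 = "2a864886f70d010105", "2a864886f70d01010b"
CHAIN = [sample("Sample CA", "forum.example", SHA256),  # constructed: leaf,
         sample("Sample Root", "Sample CA", SHA256),    # intermediate,
         sample("Sample Root", "Sample Root", SHA1)]    # self-issued root
```

`cert_info` also accepts real DER input, for example a certificate exported from the browser's certificate viewer in DER format.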