CAcert with new signature algorithm

From now on, certificates from CAcert are signed with SHA512 as signature hashing algorithm. Doing so, CAcert improves the security of newly issued certificates over the previously used, usual standard in the industry for certificate authorities. Formerly created certificates remain valid of course. Due to limitations in Microsoft Windows XP without Service Pack 3 the new signatures cannot be validated there. An update to at least Microsoft Windows XP with Service Pack 3 or better (e.g. Linux) eliminates this limitation.

One thought on “CAcert with new signature algorithm

Leave a Reply