Remove TLS 1.2 ECDSA with SHA-1 and SHA-512 signature algorithms (removed)

In most modes, TLS 1.2 uses a signature in the ServerKeyExchange message to prove ownership of the private key. (Note this is NOT related to SHA-1 certificates.) There is an extension, signature_algorithms, to negotiate which signature algorithms are acceptable. To reduce dependencies on SHA-1 and prepare for TLS 1.3's new ECDSA handling, we intend to remove ECDSA with SHA-1 and ECDSA with SHA-512, leaving only SHA-256 and SHA-384 for ECDSA.


Working draft or equivalent

Status in Chromium


Removed (launch bug) in:

  • Chrome for desktop release 56
  • Chrome for Android release 56
  • Android WebView release 56
  • Opera release 43
  • Opera for Android release 43

Consensus & Standardization

  • No public signals
  • No public signals
  • No public signals
  • No signals


Last updated on 2017-06-14