Apple is deprecating SHA-1, an old security standard, in iOS 13 and macOS Catalina. This is good news as SHA-2 and SHA-3, its replacements, is more secure.
Created by the U.S. National Security Agency (NSA), Secure Hash Algorithm 1 (SHA-1) is a cryptographic hash function. Most security experts have been warning of its insecurity since 2005. Since 2010 computer organizations have been recommending SHA-2 and SHA-3 to replace it. In 2017 all major web browsers stopped accepting SHA-1 SSL certificates.
Apple’s support page has new security requirements for TLS server certificates:
- TLS server certificates and issuing CAs using RSA keys must use key sizes greater than or equal to 2048 bits. Certificates using RSA key sizes smaller than 2048 bits are no longer trusted for TLS.
- TLS server certificates and issuing CAs must use a hash algorithm from the SHA-2 family in the signature algorithm. SHA-1 signed certificates are no longer trusted for TLS.
- TLS server certificates must present the DNS name of the server in the Subject Alternative Name extension of the certificate. DNS names in the CommonName of a certificate are no longer trusted.
Additionally, Apple is expected to deprecate TLS 1.0 and TLS 1.1 in Safari by 2020, although it’s unknown whether macOS Catalina has started the process or not.