When used properly, cryptography will impede even the most capable of attackers. One of the keys to using it properly is to implement and even to require the use of the latest crypto standards.
On Tuesday Microsoft made several announcements of changes in pursuit of stronger cryptography:
Unlike most other standards, cryptography standards have a definite shelf life. Research and Moore's law conspire to weaken techniques which were state of the art in their day.
- As of January 1, 2016, Microsoft will no longer allow certificate authorities in the Microsoft Root Certificate Program to issue certificates for SSL or code signing that use the SHA-1 hashing algorithm. SHA-2 is the preferred method now.
- The company issued a security advisory recommending disabling the use of the RC4 stream cipher. At the same time they announced that Internet Explorer 11 will discourage the use of RC4.
- They announced that Internet Explorer 11 turns on TLS version 1.2 by default.
Read more at: Microsoft pushes crypto standards forward | ZDNet