I Want To Departments & Agencies
News Events Employment Language
Information Systems Department
County Of Sonoma Administrative Support & Fiscal Services Information Systems Information Security Bulletin Browser warning
Information Systems Department

Information Security Bulletin

This security bulletin applies to the following internet browsers: Internet Explorer, Google Chrome, and Firefox

Published: January 14, 2016

Summary

County employees using Internet Explorer (IE), Google Chrome, and Firefox to navigate to secure websites may see a warning (yellow triangle or red X) about an internet site not being secure:

https info in URL

This is due to the secure website using legacy encryption called “SHA1”. This encryption method is still valid. However, internet browsers are providing security warnings about ”SHA1” in 2016 and are deprecating support by January 2017 in favor of a more secure encryption method called SHA2/SHA256”.  

ISD is taking the following action for ISD hosted websites:

  1. All ISD secure hosted websites that are internet accessible (e.g. esupplier.sonomacounty.ca.gov) already have the more secure encryption method “SHA2/SHA256”.
  2. Secure ISD “Intranet” hosted websites are in the process of being migrated to the more secure encryption method and scheduled to be completed by June 2016.   

Actions Required

  1. Continue to use only supported internet browsers (IE 11) and operating systems (Windows 7 and higher). Supported operating systems contain an update that will support newer encryption technologies.

Technical Information

Internet Explorer, Google Chrome and Firefox internet browsers will start providing warning signs about websites using legacy encryption entitled “SHA-1”. Microsoft and Google will stop supporting websites using the legacy encryption “SHA1” January 2017.  Employees should follow the actions required of this bulletin.

Technical personnel should review the Microsoft, Google and Firefox bulletin for additional guidance:

https://casecurity.org/2016/01/05/what-will-happen-with-sha-1-and-browser-users-on-january-1st-2016/

https://googleonlinesecurity.blogspot.com/2014/09/gradually-sunsetting-sha-1.html

http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx

https://threatpost.com/mozilla-warns-of-sha-1-deprecation-side-effects/115822/

For questions or concerns, please contact the ISD Service Desk at (707) 565-2030 or email us at ISD-ServiceDesk@sonoma-county.org.