6/22/2015 9:39:59 AM
Facebook-Connected Apps Must Now Support Certificates Signed with SHA-2
SDK,SHA-2 Standard,Facebook,Baseline Requirements For SSL
https://appdevelopermagazine.com/images/news_images/Sha2-SSL-Facebook-App-Developer-Magazine_30s60t3b.jpg
App Developer Magazine

Facebook-Connected Apps Must Now Support Certificates Signed with SHA-2



Richard Harris Richard Harris in Marketing & Promotion Monday, June 22, 2015
2,592

Facebook is updating its encryption requirements for Facebook-connected apps which means that apps that don't support SHA-2 certificate signatures will no longer be able to connect to Facebook starting on October 1, 2015.

Facebook’s Adam Gross in a recent post on the Facebook developer blog:

These changes are part of a broader shift in how browsers and web sites encrypt traffic to protect the contents of online communications. Typically, web browsers use a hash function to create a unique fingerprint for a chunk of data or a message. This fingerprint is then digitally signed to prove that a message has not been altered or tampered with when passing through the various servers and systems between your computer and Facebook's servers.

For the past two decades, the SHA-1 standard has been the preferred choice across the Internet for calculating message fingerprints. But after identifying security weaknesses in SHA-1, the Certificate Authority and Browser Forum recently published new Baseline Requirements for SSL recommending that all certificate authorities transition away from SHA-1 based signatures, with a full sunset date of January 1, 2016.

We'll be updating our servers to stop accepting SHA-1 based connections before this final date, on October 1, 2015. After that date, we'll require apps and sites that connect to Facebook to support the more secure SHA-2 connections.

We recommend that developers check their applications, SDKs, or devices that connect to Facebook to ensure they support the SHA-2 standard. If your app already supports this standard, then no action is necessary. But if your app relies on SHA-1 based certificate verification, then people may encounter broken experiences in your app if you fail to update it.

Read more: https://developers.facebook.com/blog/post/2015/06/...

Introduction to graphic design

Explaining the key concepts of visual language that inform any work of design, from logo or letterhead to a complex website.

Consumer Behavior: Building Marketing Strategy

Usable, strategic understanding of consumer behavior that acknowledges recent changes in internal and external influences, global marketing environments, and the discipline overall. 

The Latest Nerd Ranch Guide (3rd Edition) to Android Programming

Write and run code every step of the way, using Android Studio to create apps that integrate with other apps, download and display pictures from the web, play sounds, and more. Each chapter and app has been designed and tested to provide the knowledge and experience you need to get started in Android development.

Starting your own app business?

How to create a profitable, sustainable business developing and marketing mobile apps.



Comments

There are no comments yet, be the first to leave your remarks.

Leave a Reply