Skip to main content

Google Ups Chrome's Encryption Security

Certificates signed with MD (Message-Digest) version 2 (released in 1989) and 4 (released in1 995), both of which produce 128-bit hash values, are being rejected in the latest Chromium releases over delivering "fatal errors".

MD5, also a 128-bit version, results in an "interstitial warning", according to Chrome developer Peter Beverloo. Google decided to also reject RSA and DSA key with fewer than 1024 bits. The changes are in effect in Chromium 18 and Chrome 18 developer versions with a revision number of 114,432 (MD2, MD4, MD5) 114,709 (RSA, DSA) and higher.

Other recent changes in Chrome include pausing, resuming and canceling downloads via the new Download API, hardware-based video-encoding (only in Chrome OS), a 5 percent memory improvement on Chrome for Windows as well as 4 percent JavaScript speed improvement in Mozilla's Kraken benchmark

  • elgranchuchu
    Chrome include pausing, resuming and canceling downloads

    ahhh at last!
    Reply
  • shoelessinsight
    Chrome include pausing, resuming and canceling downloads
    elgranchuchuahhh at last!Chrome has always provided those download features to the users. I assume that this latest change is intended for app and extension developers that want to modify or enhance the way Chrome manages downloads.
    Reply
  • __Miguel_
    @ elgranchuchu: My sentiments exactly. Pausing downloads has been something I have sorely missed in Chrome quite a few times already.
    Reply
  • goonigoogoo
    Hey Google, how about you don't show my saved passwords in chrome, get that fixed, that is a major flaw which is beyond my belief that it still hasn't been fixed.
    Reply
  • olaf
    more tumbnails please ! 6 is soooo 1999
    Reply