For the web to be more secure Windows XP must die!

If you are reading any of my content or browsing any of the sites I host, it means you are not on Windows XP using Internet Explorer.  A lack of SNI support in all versions of IE on XP as well as a lack of support for SHA-2 certificates on Service Pack 2 or less spells incompatibility with the modern web.

More and more sites are switching to HTTPS by default.  This includes some of the most visited websites such as Google or Facebook.  As SHA-1 signed SSL/TLS certificates fall out of favor, support for older browsers and operating systems are left behind.  Projects like LetsEncrypt and services like Cloudflare aim to bring encryption to every website.  However a lack of IPv4 addresses means SNI is required to put multiple SSL websites on a single IP.  Internet Explorer on Windows XP does not support SNI period.  Making the future of IPv4 that much more bleak for an encrypted web.

Unfortunately many sites including Facebook are making the fatal mistake of allowing an SHA-1 fallback.  This renders the use of SHA-2 useless for security purposes and just saves face with modern browsers that would warn users of SHA-1.  Attackers will make use of downgrade attacks to exploit weaknesses and the cycle will continue.  However once XP and or use of IE on XP dies the world will finally be able to move on.