We are standing up a number of CAs (Selfsigned Root, Policy and Issueing).The question has come up with the Microsoft CA product we have the ability to chose SHA 1, SHA 256, SHA 512. i believe that SHA1 is not sufficent for a 20 year root CA lifespan. I need expert support for moving to SHA 256 at a minimum.
Roger Younglove Principal Consultant Ford Motor Company