Facebook Warns Over Expiring SHA-1 Algorithm
Web browsing will get much riskier when a key security algorithm known as SHA-1 stops being supported by web browsers during 2016, warns Facebook. Its replacement - SHA-2 - will not be compatible with older web browsers.
Facebook's data shows that 3-7% of browsers currently in use are not able to use the newer SHA-256 standard, meaning that tens of millions of people will not be able to securely use the Internet after December 31st. A disproportionate number of those people reside in developing countries, and the likely outcome in those countries will be a serious backslide in the deployment of HTTPS by governments, companies and NGOs that wish to reach their target populations.
"We don't think it's right to cut tens of millions of people off from the benefits of the encrypted internet," wrote Alex Stamos, Facebook's chief security officer, in a blog post.
Security firm Cloudflare has also issued warnings about the retirement of SHA-1 and drawn up a list of the nations where older browsers that cannot work with the new version are most prominent.
"Unfortunately, this list largely overlaps with lists of the poorest, most repressive, and most war-torn countries in the world," said Matthew Prince, co-founder of Cloudflare, in a blog post.
"In other words, after 31 December most of the encrypted web will be cut off from the most vulnerable populations of internet users who need encryption the most," he said.
Both Facebook and Cloudflare have called for changes to the way that web browsers handle SHA-1 once it is retired. Under the proposal, SHA-1 would still be used for people whose browsers cannot use the updated algorithm.
Facebook supports Cloudflare's proposal for a different approach. Namely, the CA/Browser Forum should create a new type of Legacy Verified certificate that should only be issued to organizations that have demonstrated they are offering SHA-256 certificates to modern browsers. Such verification can be automated or manual, and appropriate measures can be put in place to reduce the risk of a collision attack. Those protections could include requiring LV applicants to have already passed OV or EV verification, as well as technical best practices such as serial number randomization.