As most people are probably aware, Google recently announced plans to quickly deprecate SHA-1 signed certs and prefer SHA-2 signed certs in upcoming versions of Chrome. This transition will be a multi-step process that will take place as Google releases the next three versions of Chrome with each successive version considering SHA-1 signed certificates with specific expiration date ranges to be increasingly in secure.
The good news is that Akamai can support serving SHA-256 signed certificates and it's a matter of assessing if and when current SHA-1 certs will be affected by transition. Below are some details that show Google's schedule and it's affects on the address bar icons.
There are 4 categories that Chrome uses when assessing a certificate and they have corresponding icons in the address bar:
1. fully secure
2. secure, but with minor errors
3. neutral, lacking security
4. affirmatively insecure
Below is a chart of the schedule based on the release version and how Chrome will treat SHA-1 signed certs based on their expiration date.
It's worth noting that both Firefox and Internet Explorer will also eventually be phasing out SHA-1 in favor of SHA-2 in the not too distant future.
Here are some external links that may be helpful:
Google’s Online Security Blog Announcement: http://googleonlinesecurity.blogspot.com/2014/09/gradually-sunsetting-sha-1.html
Detailed Summary of Browsers, OSs, servers, etc that support SHA-2:https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility
Mozilla’s SHA-1 Phase Out Plan: https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/
Microsoft’s SHA-1 Phase Out Plan: http://blogs.technet.com/b/pki/archive/2013/11/12/sha1-deprecation-policy.aspx