MD5 fingerprint displayed for certificate
When new SSL certificate is supplied by the server, ChatSecure displays the MD5 and SHA-1 fingerprint.
Don't display the MD5 fingerprint because doesn't offer no protection against certificate forgeries.
MD5 considered harmful today - Creating a rogue CA certificate
I recommend displaying the SHA-1 and SHA2-256 fingerprints of the SSL certificate.
#1 Updated by fedor.brunner about 4 years ago
The SHA-1 hash function is also problematic, but it's still much more used then the newer SHA2-256 and most issued SSL certificates use SHA-1. There is a nice analysis of SHA-1 problems here:
In 2013 Microsoft announced their deprecation policy on SHA-1 according to which Windows will stop accepting SHA-1 certificates in SSL by 2017