OpenSSH will soon deprecate the use of SHA-1 because of the risk of specific attacks against the algorithm.
A chosen prefix collision in SHA-1 has demonstrated a new issue with the venerable hash function developed by the NSA.
The question about shortening the validity period for TLS certificates is back in front of the CA/Browser Forum again. CAs still oppose it and browser makers are still for it.
Cloudflare and several other members have formed the League of Entropy to offer a quorum of public randomness beacons.