Talks in this thread about SHA-1 are overblown. Google Chrome is taking a super cautious, preemptive step because it is now shown a code can be broken if you have thousands of years of computer time available.
Google cracked SHA1 wide open and announced it on Feb 23 of this year. The attack would take a solo attacker with just one consumer machine 110 years, but a typical hacker botnet of just ~40k zombie machines can crack it in about a day.