Google Chrome’s HTTPS ban-hammer drops on WoSign, StartCom in two months

Substandard certs, already in partial exile, soon to be shunned completely


By Thomas Claburn in San Francisco 7 Jul 2017

Google in two months will conclude its prolonged excommunication of misbehaving SSL/TLS certificate authorities WoSign and subsidiary StartCom, a punishment announced last October.


Chrome security engineer Devon O’Brien, in a Google Groups post on Thursday, said Google last year began limiting its trust of certificates backed by the companies to those issued before October 21st, 2016, and has been winnowing whitelisted hostnames over the course of several Chrome releases.


Finally, the end is near.


           's expired certificate snafu, as seen via Firefox


Full Article.

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico