Substandard certs, already in partial exile, soon to be shunned completely
Google in two months will conclude its prolonged excommunication of misbehaving SSL/TLS certificate authorities WoSign and subsidiary StartCom, a punishment announced last October.
Chrome security engineer Devon O’Brien, in a Google Groups post on Thursday, said Google last year began limiting its trust of certificates backed by the companies to those issued before October 21st, 2016, and has been winnowing whitelisted hostnames over the course of several Chrome releases.
Finally, the end is near.
Powered by WPeMatico