The tale of why Chrome and Firefox will quickly block web sites with particular SSL certificates

The tale of why Chrome and Firefox will quickly block web sites with particular SSL certificates

When you look at the forseeable future, Bing Chrome and Mozilla Firefox will start distrusting SSL certificates from Symantec, GeoTrust, Thawte, VeriSign, Equifax, and RapidSSL. This modification will require impact whenever Chrome 70 beta and Firefox 63 beta are released during the early September. The stable release that is public of 70 and Firefox 63 is slated for October.

There was a long history between Bing and Symantec that features resulted in this choice. Back September 2015, Google’s Certificate Transparency task flagged a few Google domain certificates that were improperly given by Symantec’s Thawte, a root certification authority. These certificates had been neither authorized nor requested by Bing. Symantec straight away revoked them upon realizing which they had been inappropriately granted and announced the certificates had been unintentionally released towards the public during a product testing procedure that is internal. Initially, Symantec reported the presssing problem was just included to 3 domain names. Nonetheless, a formal event report from Symantec was launched four weeks later on to your public saying how many improperly granted certificates had been included to 23 certificates across five businesses rather. In a few days, Google rebutted the state Symantec report. Symantec reopened their research and stated that rather than 23 certificates it had been 187 improperly granted certificates across 76 companies and 2,458 certificates for nonexistent domain names. (more…)