[BlueOnyx:21360] Google pulls the rug on Symantec SSL certs
Michael Stauber
mstauber at blueonyx.it
Thu Sep 14 12:44:50 -05 2017
Hi all,
If you're using SSL certificates from Symantec or their partners Thawte,
VeriSign, Equifax, GeoTrust or RapidSSL, then please take note:
Starting with Chrome 66, Chrome will remove trust in Symantec-issued
certificates issued prior to June 1, 2016. Chrome 66 is currently
scheduled to be released to Chrome Beta users on March 15, 2018 and to
Chrome Stable users around April 17, 2018.
Around the week of October 23, 2018, Chrome 70 will be released, which
will fully remove trust in Symantec’s old infrastructure and all of the
certificates it has issued.
So before these deadlines you might want to replace any of the affected
certificates with ones from more trustworthy providers.
Reason for these steps is that Symantec and/or its subsidiaries got
caught several times issuing certificates for "google.com" without
authorization and Google finally had enough. Symantec is also exiting
the SSL-certificate businesses and has sold that part off to DigiCert,
which is even less trustworthy than Symantec ever was.
More info:
https://security.googleblog.com/2017/09/chromes-plan-to-distrust-symantec.html
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list