Chrome 61 to block WoSign and StartCom credentials completely

28/12/2020

Google’s upcoming release Google 61 browser is expected to untrust two of Chinese SSL providers “WoSign and StartCom” due to not maintaining the expected highg stadards of CAs. As a result, issues certificates from both CAs will no longer be trusted by Google Chrome, in accordance with our Root Certificate Policy. This is inline with recent similar annoucements issued by both Apple and Mozilla to also distrust certificates for both CAs.

According to report from Whalley:

“The investigation concluded that WoSign knowingly and intentionally misissued certificates in order to circumvent browser restrictions and CA requirements. Further, it determined that StartCom, another CA, had been purchased by WoSign, and had replaced infrastructure, staff, policies, and issuance systems with WoSign’s.

When presented with this evidence, WoSign and StartCom management actively attempted to mislead the browser community about the acquisition and the relationship of these two companies. For both CAs, we have concluded there is a pattern of issues and incidents that indicate an approach to security that is not in concordance with the responsibilities of a publicly trusted CA.”

What this implies now is beginning with Google Chrome 56, all issued certificates from both WoSign and StartCom after October 21, 2016 00:00:00 UTC will no longer be trusted. So for exisitng customers using these certifices, certificates issued before this date may continue to be trusted, for a time, if they both certs comply with the Certificate Transparency in Chrome policy or are issued to a limited set of domains known to be customers of WoSign and StartCom.

Source: Google Security Blog

ONET IDC thành lập vào năm 2012, là công ty chuyên nghiệp tại Việt Nam trong lĩnh vực cung cấp dịch vụ Hosting, VPS, máy chủ vật lý, dịch vụ Firewall Anti DDoS, SSL… Với 10 năm xây dựng và phát triển, ứng dụng nhiều công nghệ hiện đại, ONET IDC đã giúp hàng ngàn khách hàng tin tưởng lựa chọn, mang lại sự ổn định tuyệt đối cho website của khách hàng để thúc đẩy việc kinh doanh đạt được hiệu quả và thành công.
Bài viết liên quan

Install Google Chrome on Linux Mint

When we’re talking about accessing the internet, the most obvious part is the internet connection and the web browser....
29/12/2020

Install Google Chrome on Arch Linux

Google Chrome is one of the fastest and popular web browsers in the world. On distributions like Ubuntu, Debian, Red Hat...
28/12/2020

Install Google Chrome on Ubuntu 18.04 LTS

Google Chrome is a great web browser. It has a beautiful user interface (UI). It is fast and free to use. It is favored...
28/12/2020