Google Chrome to Stop Recognizing Symantec CAs
Google Chrome is to stop recognizing extended validation status for all certificates issued by Symantec Certificate Authorities, effective immediately.
It was revealed by an independent researcher that Symantec Certificate Authorities has repeatedly violated the "Baseline Requirements," a policy and requirements major browser makers impose of Certificate Authorities as condition for being coined as "trusted by major browsers."
Symantec CAs has improperly issued more than 30,000 certificates over the years and this represent potentially critical threats to the entire Internet population. The threat makes it possible for holders to cryptographically impersonate and monitor communications to and from legitimate servers of the affected sites.
Google plans to update Chrome to nullify all currently valid certificates issued by Symantec CAs. This move will prevent the users of Chrome from being able to access huge numbers of sites.
No comments:
Comments on GameOPS are moderated. Please keep your comments relevant to this blog entry.
If you don't have a Google, LiveJournal, Wordpress, AIM, Typepad or OpenID account, please choose NAME/URL when posting a commment. Anonymous comments will be rejected.