Security Market Segment LS
Tuesday, 18 September 2018 11:54

Chrome, Firefox will not trust Symantec SSL certs from next release Featured

By

In what is sure to cause concern at the the top levels of one of the leading security software vendors, upcoming releases of the two more popular Web browsers, Chrome and Firefox, will no longer trust Symantec SSL certificates.

A browser will check the validity of a SSL certificate in order to confirm the validity of the website being loaded. This is done by validating a chain of trust. Certificate Authorities will guarantee the certificates they issue, along with the bona fides of any secondary issuing authority that is operating under their umbrella. A very rigorous process is needed to validate any entity that wishes to obtain a certificate.

In 2016, users became aware that Symantec (and their supported issuers) was issuing certificates in contravention of the established guidelines and posted their finding to a Mozilla security mailing list. After considerable discussion among the other CAs, a decision was made to distrust Symantec and to remove it as a CA.

The final announcement to distrust Symantec certificates was made in late 2017 and all Symantec certificate holders were given a year to replace their SSL certificates with one from an issuer who was trusted. The "distrust" also applies to certificates from Thawte, Geotrust and RapidSSL, all of which used Symantec as a central authority.

Mozilla Firefox and Chrome will start rejecting any affected certificates from their next releases in October. Apple's Safari browser has already started a partial distrust and will finalise this process later in 2018.

Digicert has acquired the Symantec CA and has been re-issuing certificates without charge. Anyone who has already begun this process, need to take no further action as the replacement certificate will be trusted by all browsers.

According to Mozilla, about 3.5% of the top one million websites are still secured with certificates that will no longer be trusted, despite extensive warnings. If anyone has access to Firefox Nightly or Chrome Canary, the standard "Invalid Certificate" warning will most likely be seen, rather than the actual website.

iTWire has been unable to find an official statement from Microsoft about its position on this issue and whether IE and Edge will continue to support Symantec certificates after their distruxt by Firefox and Chrome.

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments