s for longer than planned
Mozilla has announced that Symantec certificates will continue to be trusted longer than planned, as many parties still use them. It has been known for a long time that Mozilla and Google, among other things, are going to cancel the trust in the certificates.
In a blog post , Mozilla refers to statistics that indicate that more than one percent of the one million most popular sites on the Internet use certificates issued by Symantec, which includes GeoTrust, RapidSSL and Thawte. That is why the organization has decided to postpone the next phase of its distrust of Symantec certificates from the beta of Firefox 63 to the beta of version 64, which will release the stable release in December. In this phase , with some exceptions, confidence in all certificates issued by Symantec is canceled.
Because of this postponement Mozilla hopes to give sites more time to change their certificate. It refers to DigiCert, which last year purchased the certificate component from Symantec , which offers free replacement certificates. Slowing down the process should also lead to fewer users experiencing problems with sites that still use Symantec certificates and, in addition, must reduce the risk for those users. Researcher Scott Helme previously published an overview with sites that still use old certificates.
Google plans to cancel trust in Symantec certificates with the release of Chrome 70. This version of the browser must be released on October 16th . Google has not yet published anything about possible postponement. Chrome 70 is the last step in the plan previously announced by Google, to which Mozilla also refers. Trust in Symantec certificates is canceled because the company, among other things, incorrectly issued depositary receipts.
Google planning Symantec
Google scheduling for Symantec certificates
This post first appeared on Need Help Ask Us Now Most Important Technology New, please read the originial post: here