Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Details Plan To Distrust Symantec Certificates (tomshardware.com)

Posted by BeauHD on from the plan-of-action dept.

After deciding to distrust Symantec's certificates in March, Google has decided to release a more detailed plan for how that process will go. Tom's Hardware reports: Starting with Chrome 66 (we're now at version 61), the browser will remove trust in Symantec-issued certificates issued prior to June 1, 2016. Website operators that use Symantec certificates issued before that date should be looking to replace their certificates by April 2018, when Chrome 66 is expected to come out. Starting with Chrome 62 (next version), the built-in DevTools will also warn operators of Symantec certificates that will be distrusted in Chrome 66. After December 1, the new infrastructure managed by DigiCert will go into effect, and any new certificates issued by the old Symantec infrastructure will no longer be valid in Chrome. By November 2018, Chrome 70 will come out and will completely remove trust in all Symantec certificates that have ever been issued. Website operators can replace their old Symantec certificates with certificates from DigiCert from December 1 or from any other CA trusted by Google's Chrome browser.

2 of 140 comments (clear)

  1. Re:Let me by sinij · · Score: 5, Insightful

    Seeing browser hijack and concluding your machine was pwned isn't unreasonable. Injection by ISP is such sacrilege that it isn't something most techies would check as the first step.

  2. Re: Google this, Google that by Anonymous Coward · · Score: 5, Interesting

    What work around? What company or service can you use to get the information or level of service you can by using Google products? If a new privacy centric company came out and took over the world they would become Google. With all of the same privacy concerns. Even a company you started and ran. Every single person on this planet would at some point make the exact same decisions Google has along the way. Unless you never get to this size and only stay a tiny fraction of a percent of the market. Then and only then will a company care about privacy. You sacrifice privacy in the name of convenience. Without convenience you can still have privacy. With convenience comes a lack of privacy. The more convenient our lives become the less privacy there will be. In 100 years even someone like yourself or the most private paranoid person will have ZERO privacy. The only people to have privacy then will be those using NO technology of anysort. So pretty much only the few Amish who remain alive in 100 years.