To punish Symantec, Google may distrust a third of the web’s SSL certificates

Google is considering a harsh punishment for repeated incidents in which Symantec or its certificate resellers improperly issued SSL certificates. A proposed plan is to force the company to replace all of its customers’ certificates and to stop recognizing the extended validation (EV) status of those that have it.

According to a Netcraft survey from 2015, Symantec is responsible for about one in every three SSL certificates used on the web, making it the largest commercial certificate issuer in the world. As a result of acquisitions over the years the company now controls the root certificates of several formerly standalone certificate authorities including VeriSign, GeoTrust, Thawte and RapidSSL.

To read this article in full or to leave a comment, please click here

from Computerworld News http://www.computerworld.com/article/3184573/security/to-punish-symantec-google-may-distrust-a-third-of-the-webs-ssl-certificates.html#tk.rss_news
from Tumblr http://2375823.tumblr.com/post/158782266713

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s