Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs

  |   Tech News

In a severe rebuke of one of the biggest suppliers of HTTPS credentials, Google Chrome developers announced plans to drastically restrict transport layer security certificates sold by Symantec-owned issuers following the discovery they have issued more than 30,000 certificates.

Symantec allowed at least four parties access to their infrastructure in a way to cause certificate issuance, did not sufficiently oversee these capabilities as required and expected, and when presented with evidence of these organizations' failure to abide to the appropriate standard of care, failed to disclose such information in a timely manner or to identify the significance of the issues reported to them.

As Sleevi explained it: "By phasing such changes in over a series of releases, we aim to minimize the impact any given release poses, while still continually making progress towards restoring the necessary level of security to ensure Symantec-issued certificates are as trustworthy as certificates from other CAs."

To read full article - https://goo.gl/lL7v5e

📲 Get Tech and Gadget News on Whatsapp 💬