Google To Distrust Symantec Certificates
Google announced that it will start gradually distrusting Symantecs certificates, after Symantec was caught improperly issuing 30,000 certificates over the past few years. Symantecs Extended Validation (EV) certificates will also no longer be recognized–effective immediately–for at least a year, until the company fixes its certificate issuance processes to the point where they can be trusted again.Google’s Eventful History With Bad Symantec CertificatesBack in 2015, Google discovered that one of Symantecs EV certificates was issued for its Google.com domain, even though the company never requested nor authorized it. The whole point of EV certificates is to prove that the company owning that certificate is who it says it is. If EV certificates for certain domain names are being issued to other entities that dont own those domain names, then there would be no value in website developers even getting EV certificates anymore. The credibility of those certificates would be compromised.
0 kommentarer