Site icon Xanjero

Google Chrome SSL Certificate Proposal might Affect Millions of Websites


A recent Google Chrome SSL certificate proposal raises concerns about verifying secure websites, potentially affecting millions of properties if enacted…

Last year, Google continued its security push for websites. The initiative is to make sites adopt secure, HTTPS protocols, particularly those with payment processing and requiring login credentials. But sites equipped with SSL certificates issued by Symantec and affiliated resellers might be at-risk, if a proposal by a member of the Chrome security team goes forward.

Google Chrome SSL Certificate Proposal could Affect Millions of Websites

In the proposal, the team member states there are serious concerns about security certificates issued by Symantec. Therefore, the Chrome browser will regard those sites as unsecure or untrusted over the next twelve months.

“Since January 19, the Google Chrome team has been investigating a series of failures by Symantec Corporation to properly validate certificates. Over the course of this investigation, the explanations provided by Symantec have revealed a continually increasing scope of mis-issuance with each set of questions from members of the Google Chrome team; an initial set of reportedly 127 certificates has expanded to include at least 30,000 certificates, issued over a period spanning several years,” the report reads, in-part.

Credit: Google

Symantec is currently the largest Certificate Authority, issuing about one-third of SSL protocols used on the web. If the proposal goes forward to adoption, potentially millions of websites would be at risk. Those properties would necessarily have to repeat the validation process, as well as install replacement certificates.

The team member states so far, none of Symantec’s steps ensure the proper treatment of such credentials. “On the basis of the details publicly provided by Symantec, we do not believe that they have properly upheld these principles, and as such, have created significant risk for Google Chrome users.”

Google began issuing “Page not secure” warnings in January of this year.

Thanks for taking a few moments of your time to read this; if you like this information, please share it with your friends!

Exit mobile version