|
|
| Line 1: |
Line 1: |
| ==Symantec== | | == This page is Obsolete == |
| | |
| In line with a [https://groups.google.com/a/chromium.org/d/msg/blink-dev/eUAKwjihhBs/El1mH8S6AwAJ consensus proposal] agreed by a number of browser vendors, Firefox is implementing a gradual distrust of all roots controlled by the CA "Symantec". The dates and associated scopes for this distrust are as follows:
| |
| | |
| * May 2018 - Firefox 60 ([[RapidRelease/Calendar|released]] 2018-05-09): All SSL certificates issued by Symantec roots before 2016-06-01.
| |
| * June 2018 - Firefox 63 [https://www.mozilla.org/en-US/firefox/channel/desktop/ Nightly]: All SSL certificates issued by Symantec roots.
| |
| * September 2018 - Firefox 64 [https://www.mozilla.org/en-US/firefox/channel/desktop/ Nightly]: All SSL certificates issued by Symantec roots.
| |
| * October 2018 - Firefox 64 [https://www.mozilla.org/en-US/firefox/channel/desktop/ Beta]: All SSL certificates issued by Symantec roots.
| |
| * December 2018 - Firefox 64 Release ([[RapidRelease/Calendar|released]] 2018-12-11): All SSL certificates issued by Symantec roots.
| |
| | |
| You should make sure to migrate sites you control to newer or alternative certificates well before the dates given. Symantec has issued [https://www.symantec.com/connect/blogs/information-replacement-symantec-ssltls-certificates some guidance on what site owners should do as part of their blog].
| |
| | |
| This applies to all of the brands Symantec operated; Thawte, RapidSSL, GeoTrust, Verisign, and Symantec.
| |
| | |
| <small>Certificates issued by the independently-operated Google and Apple sub-CAs are exempt, but unless you are Google or Apple you will not be using those.</small>
| |