CA/Upcoming Distrust Actions: Difference between revisions

Revision as of 23:37, 20 March 2018

Symantec

In line with a consensus proposal agreed by a number of browser vendors, Firefox is implemented a gradual distrust of all roots controlled by the CA "Symantec". The dates and associated scopes for this distrust are as follows:

May 2018 (Firefox 60, currently due for release 2018-05-09): All certificates issued by Symantec roots before 2016-06-01.
October 2018 (Firefox 63, currently due for release 2018-10-16): All certificates issued by Symantec roots.

You should make sure to migrate sites you control to newer or alternative certificates well before the dates given. Symantec has issued some guidance on what site owners should do as part of their blog.

This applies to all of the brands Symantec operated; Thawte, RapidSSL, GeoTrust, Verisign, and Symantec.

Certificates issued by the independently-operated Google and Apple sub-CAs are exempt, but unless you are Google or Apple you will not be using those.

@@ Line 3: / Line 3: @@
 In line with a [https://groups.google.com/a/chromium.org/d/msg/blink-dev/eUAKwjihhBs/El1mH8S6AwAJ consensus proposal] agreed by a number of browser vendors, Firefox is implemented a gradual distrust of all roots controlled by the CA "Symantec". The dates and associated scopes for this distrust are as follows:
-* May 2018 (Firefox 60, currently [[RapidRelease/Calendar|due for release]] 2018-05-01): All certificates issued by Symantec roots before 2016-06-01.
+* May 2018 (Firefox 60, currently [[RapidRelease/Calendar|due for release]] 2018-05-09): All certificates issued by Symantec roots before 2016-06-01.
 * October 2018 (Firefox 63, currently [[RapidRelease/Calendar|due for release]] 2018-10-16): All certificates issued by Symantec roots.

CA/Upcoming Distrust Actions: Difference between revisions

Revision as of 23:37, 20 March 2018

Symantec

Navigation menu

Search