Citat:
Ursprungligen postat av
sebnie
Det är ju märkligt att mina certifikat är blockade då. Av informationen att döma så skall alla certifikat utfärdade före 1-21 okt 2016 (mitt är utfärdat 1-31 jan 2016) släppas igenom spärren, och sedan ska certifikaten spärras helt då alla certifikat utfärdade före 1-21 okt 2016 gått ut..
Du har tyvärr missförstått det du läst. Jag citerar från min föregående inlägg:
Citat:
Furthermore, all vendors are committed to taking whatever actions in the future they feel necessary, including completely revoking trust in the doomed CAs.
För att förtydliga:
Alla certifikat från WoSign och StartCom, oavsett vilket datum de har, kommer inte längre att vara betrodda.
Källa:
Citat:
As previously announced, Chrome has been in the process of removing trust from certificates issued by the CA WoSign and its subsidiary StartCom, as a result of several incidents not in keeping with the high standards expected of CAs.
We started the phase out in Chrome 56 by only trusting certificates issued prior to October 21st 2016, and subsequently restricted trust to a set of whitelisted hostnames based on the Alexa Top 1M. We have been reducing the size of the whitelist over the course of several Chrome releases.
Beginning with Chrome 61, the whitelist will be removed, resulting in full distrust of the existing WoSign and StartCom root certificates and all certificates they have issued.
Based on the Chromium Development Calendar, this change should be visible in the Chrome Dev channel in the coming weeks, the Chrome Beta channel around late July 2017, and will be released to Stable around mid September 2017.
Sites still using StartCom or WoSign-issued certificates should consider replacing these certificates as a matter of urgency to minimize disruption for Chrome users.