Citing years of problems, Google Chrome and the Java Runtime Engine will cease trusting all new root certificate authorities run by Minneapolis-based Entrust. Mozilla at month's end will follow suit. As a result, no public-facing site or service with a newly issued Entrust-issued digital certificate will be treated as trustworthy by browsers.
The designation stems from Entrust's failure to meet rigorous security and compliance standards outlined by Google's Chrome Root Program, which oversees digital certificate issuers. This designation implies that Google may no longer recognize Entrust certificates in future Chrome browser updates. Such a move would impact websites relying on Entrust for HTTPS encryption, potentially displaying security warnings for users and disrupting site access.
Existing certificates will continue to work until they expire - typically 398 days or less after being issued. The issue underscores the importance of rigorous oversight in digital certification, especially with increasing cyber threats and the critical role of SSL/TLS certificates in securing online communications. Google's decision marks a significant step towards enforcing compliance and maintaining trustworthiness within the global certificate authority ecosystem.
This development also encourages organizations to review their certification providers to ensure continued compliance with browser security standards, as the potential for similar actions could create disruptions for end-users worldwide.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
