Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
TRENDING TODAY
Home > News > Webmaster > Google News

September 5th, 2011, 12:20 GMT · By

Google Chrome Update Removes All CAs Linked to DigiNotar

SHARE:

Adjust text size:

Google Chrome has now removed all CAs linked to DigiNotar
Enlarge picture
In the aftermath of Certificate Authority DigiNotar's breach, most browser makers have provided updates, where needed, to revoke trust for all of the certificates issued by the company, as well as other CAs operated by it.

The latest Google Chrome update for the stable channel includes this change alone. Mozilla has also revoked the root certificate from most of its products and will eventually do it for all.

"The Stable channel has been updated to 13.0.782.220 for Windows, Mac, Linux, and Chrome Frame," Google's Anthony Laforge wrote.

"We're revoking trust for SSL certificates issued by DigiNotar-controlled intermediate CAs used by the Dutch PKIoverheid program," he explained.

Removing a root CA is quite a big move, affecting a lot of websites, but Microsoft, Google and Mozilla believe that aggravating factors, like the lack of proper disclosure and communication, mean that they can't risk trusting DigiNotar anymore.

DigiNotar also ran several other CAs, all of which have been removed in the latest Google Chrome update.

Along with the latest update to Google Chrome, Mozilla has issued updates for all of its Firefox branches, mobile and desktop, as well as for Thunderbird.

Microsoft also removed DigiNotar across all of its products. Opera has a different system for verifying certificates and did not need to issue an update to protect users from forged certificates.

That said, the system only works if the CA issues a revocation for the domains that have been affected. Undiscovered forged certificates will not be detected. However, Opera hasn't said anything about removing the root CA, like the other browser makers have done.

Mozilla, on the other hand, had strong words to say about DigiNotar and how it handled the whole situation. The browser maker believes that the lack of transparency and communication along with the fact that some of the forged certificates were being used in the wild is enough for it to remove DigiNotar permanently from the list of trusted CAs.


2,459 hits
Link to this article · Print article · Send to friend

MUST-READ RELATED ARTICLES:


Future Firefox Mockups Look Gorgeous, Practical (Pics)
Google Chrome 15 is Now Available to Chromebook Dev Channel Users
Google Chrome 15 Debuts Sleek, Annoying, Useless New Tab Page
The Latest Updates to the Touch Interface for Google Chrome
The Latest Changes to Chromium 15, the Upcoming Google Chrome 15

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2013 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2013 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use