News

On March 23, Google Chrome developers in their blog announced the planned consequences for Symantec regarding the incorrect issuance of SSL certificates. Symantec thoroughly analyzed Google’s accusations and prepared a list of actions aimed at enhancing security in the area of issuing SSL certificates.

In the Chrome 58 release, certificates that do not specify host names in the SubjectAltName field will lead to a "Your connection is not private" error. A similar change was implemented in Firefox 48, but users did not report any problems prior to that.

Members of the CA / B Forum are considering the possibility of revising the conditions related to the payment of compensation by certification authorities in customer’s favor due to the improper issuance or compromise of EV SSL certificates.

It was recently announced that CA / B Forum, the regulator of the SSL industry has adopted a new provision: it became mandatory to include the Tor Service Descriptor Hash extension in TBSCertificate. Now the certifying authority can issue an EV certificate for the .onion domain name only after complying with two of the following rules.

Google continued efforts for implementing encryption on all sites of the World Wide Web. Beginning from October, company will display new security warnings for all HTTP based pages in Chrome browser. Earlier this year, Chrome developers have already implemented "not secure" notification for HTTP sites that request credit card information or passwords.