[cabfpub] Chrome security warning discrepancy?
Eddy Nigg
eddy_nigg at startcom.org
Sat Jan 24 21:37:58 UTC 2015
On 01/24/2015 11:33 PM, Eddy Nigg wrote:
>
> On 01/24/2015 09:08 PM, Stephen Davidson wrote:
>> I think Chrome is showing "identity not verified" for SHA1-based
>> certs with validity into 2016.
>
> Right, certificates valid beyond 2015 and that have anywhere a SHA1
> certificate including the certificate chain will show this result.
> Premature perhaps...but every browser has it's own interpretation and
> UI implementation as you know.
BTW, Netcraft has some interesting information at
https://ssl.netcraft.com/surveys/analysis/https/2015/Jan/CMatch/signature_algorithms/sha1_deadline_miss.html
for those that are subscribed to their SSL survey which shows how many
certificates each CA will miss Microsoft's deadline of 1st Jan. 2017.
Would be interesting to know how many are missing the 2016 deadline of
Google :-)
--
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150124/b3fda19e/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4313 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150124/b3fda19e/attachment-0001.p7s>
More information about the Public
mailing list