9 matches found
Debian DLA-1244-1 : ca-certificates update
This release does a complete update of the CA list. This includes removing the StartCom and WoSign certificates to as they are now untrusted by the major browser vendors. This includes 1024-bit root certificates 858064 and untrusted StartCom and WoSign certificates 858539 which have been removed,...
[SECURITY] [DLA 1244-1] ca-certificates update
Package : ca-certificates Version : 20130119+deb7u2 Debian Bug : 858064 858539 This release does a complete update of the CA list. This includes removing the StartCom and WoSign certificates to as they are now untrusted by the major browser vendors. This includes 1024-bit root certificates 858064...
Debian: Security Advisory (DLA-1244-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Firefox 58 to Block Canvas Browser Fingerprinting By Default to Stop Online Tracking
Do you know? Thousands of websites use HTML5 Canvas—a method supported by all major browsers that allow websites to dynamically draw graphics on web pages—to track and potentially identify users across the websites by secretly fingerprinting their web browsers. Over three years ago, the concern...
Microsoft to remove WoSign and StartCom certificates in Windows 10
Microsoft has concluded that the Chinese Certificate Authorities CAs WoSign and StartCom have failed to maintain the standards required by our Trusted Root Program. Observed unacceptable security practices include back-dating SHA-1 certificates, mis-issuances of certificates, accidental certifica...
Google to Fully Distrust WoSign/StartCom SSL Certs in Chrome 61
Websites that are still using digital certificates issued by Chinese Certificate Authority WoSign may want to accelerate their plans to replace those certs. Google last week said it will fully distrust remaining certificates issued by the CA starting with Chrome 61. Devon O’Brien of the Chrome...
Google Chrome Bans Chinese SSL Certificate Authorities WoSign and StartCom
As a punishment announced last October, Google will no longer trust SSL/TLS certificate authorities WoSign and its subsidiary StartCom with the launch of Chrome 61 for not maintaining the "high standards expected of CAs." The move came after Google was notified by GitHub's security team on August...
Google to Distrust WoSign, StartCom Certs in 2017
Google announced Monday that when it ships Chrome 56 in January 2017 the browser will distrust certificates issued by Chinese certificate authoritiesWoSign and StartCom that have made headlines over the past month. The move was somewhat expected after Mozilla announced last week the company would...
Mozilla Wants to Drop WoSign as Trusted CA
Mozilla has accused a Chinese Certificate Authority of back-dating SHA-1 certificates to get around restrictions barring deprecated certs from being trusted, and is ready to ban the CA for one year. The back-dating is just one of many violations derived after a lengthy investigation of WoSign and...