Death of a TLS salesman
While the world still sleeps quietly behind its firewalls, a technology giant (Chrome), responsible for over 70% (combined) market share, has dropped the hammer on Entrust, a major player in the Certificate Authority business. If you use Entrust TLS certificates to protect any of your public-facing websites, you had better start looking for a new CA.
Google has been aggressively trying to improve the security of Internet browsing, first by moving away from OS trust stores in favor of its own (something that Mozilla has always done). This gave it the ability to distrust root certificates from Certificate Authorities that flagrantly break the rules of operation.
Recently, Google added a feature that lets distrust be applied selectively, to certificates with a Signed Certificate Timestamp (SCT) after a given point in time. That change has emboldened them to distrust a lot more CAs without significant impact on the consumers who trusted them in the first place.
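To make the SCT-based cutoff concrete, the following added example (not from the original post or from Chrome's code) parses an RFC 6962 SCT list and applies an assumed rule: a certificate stays trusted only if its earliest SCT is at or before the cutoff. The cutoff date, function names and sample SCT lists are constructed for illustration, and SCT signatures are not verified.

```python
import struct
from datetime import datetime, timedelta, timezone

EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)
# Placeholder cutoff for illustration only; not the date from any announcement.
CUTOFF = datetime(2030, 1, 1, tzinfo=timezone.utc)

def parse_sct_timestamps(sct_list: bytes) -> list:
    """Timestamps of the v1 SCTs in an RFC 6962 SignedCertificateTimestampList."""
    if len(sct_list) < 2 or struct.unpack_from(">H", sct_list)[0] != len(sct_list) - 2:
        raise ValueError("bad SCT list length")
    stamps, pos = [], 2
    while pos < len(sct_list):
        if len(sct_list) - pos < 2:
            raise ValueError("truncated SCT length prefix")
        (n,) = struct.unpack_from(">H", sct_list, pos)
        sct = sct_list[pos + 2:pos + 2 + n]
        pos += 2 + n
        if len(sct) != n or n < 41:  # version(1) + log_id(32) + timestamp(8)
            raise ValueError("truncated SCT")
        if sct[0] != 0:  # only version v1 (0) is defined; skip anything else
            continue
        (ms,) = struct.unpack_from(">Q", sct, 33)  # milliseconds since the epoch
        try:
            stamps.append(EPOCH + timedelta(milliseconds=ms))
        except OverflowError:
            raise ValueError("SCT timestamp out of range") from None
    return stamps

def survives_cutoff(sct_list: bytes, cutoff: datetime = CUTOFF) -> bool:
    """Assumed rule: trusted only if the earliest SCT is at or before the cutoff.
    SCT signatures are NOT verified here; a real validator must do that first."""
    stamps = parse_sct_timestamps(sct_list)
    return bool(stamps) and min(stamps) <= cutoff

def make_sct_list(*whens: datetime) -> bytes:
    """Build a constructed SCT list (zero log IDs, dummy signatures) for testing."""
    blob = b""
    for when in whens:
        ms = (when - EPOCH) // timedelta(milliseconds=1)
        sct = (b"\x00" + bytes(32) + struct.pack(">Q", ms) + b"\x00\x00"
               + b"\x04\x03" + struct.pack(">H", 4) + b"\xde\xad\xbe\xef")
        blob += struct.pack(">H", len(sct)) + sct
    return struct.pack(">H", len(blob)) + blob

if __name__ == "__main__":
    utc = timezone.utc
    print("logged before cutoff:", survives_cutoff(make_sct_list(datetime(2029, 6, 1, tzinfo=utc))))
    print("logged after cutoff: ", survives_cutoff(make_sct_list(datetime(2030, 3, 1, tzinfo=utc))))
```

The input is the SCT list carried in the certificate's embedded SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) after its OCTET STRING wrapping has been removed.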
Bravo Google, for making the Internet a better place!
https://security.googleblog.com/2024/06/sustaining-digital-certificate-security.html?m=1