Home >> Linux >> Mozilla Breaks Its Own Promise, Allows Symantec To Issue Insecure Certificates

Mozilla Breaks Its Own Promise, Allows Symantec To Issue Insecure Certificates

An anonymous reader writes: After researchers discovered that SHA-1 can be decrypted, Mozilla, together with Microsoft and Google, said they will no longer “trust” SHA-1-based certificates issued after January 1, 2016, and later stop supporting any type of SHA-1 certificates after June 30, 2016, or January 1, 2017. The foundation went back on its word this week, when Symantec begged Mozilla to allow it to issue nine new certificates for one of its clients, Worldpay PLC, which forgot to request these certificates before January 1. Symantec got what it wanted. Fortunately, other companies like Microsoft, Apple, or Google didn’t cave under the pressure.


Share on Google+

Read more of this story at Slashdot.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

*