WoSign – WindowsTechs.com

Google drops the boom on WoSign, StartCom certs for good

Posted on July 20, 2017 by Sean Gallagher

Citing “certificate misissuance,” Google to expire all certs from offenders by September. Continue reading Google drops the boom on WoSign, StartCom certs for good→

Google to Fully Distrust WoSign/StartCom SSL Certs in Chrome 61

Posted on July 10, 2017 by Michael Mimoso

Google has put websites signed with WoSign/StartCom SSL certificates on notice that it will no longer trust certs from the Chinese CA starting in Chrome 61. Continue reading Google to Fully Distrust WoSign/StartCom SSL Certs in Chrome 61→

Google Chrome Bans Chinese SSL Certificate Authorities WoSign and StartCom

Posted on July 8, 2017 by Mohit Kumar

As a punishment announced last October, Google will no longer trust SSL/TLS certificate authorities WoSign and its subsidiary StartCom with the launch of Chrome 61 for not maintaining the “high standards expected of CAs.”

The move came after Google wa… Continue reading Google Chrome Bans Chinese SSL Certificate Authorities WoSign and StartCom→

Google to Distrust WoSign, StartCom Certs in 2017

Posted on November 1, 2016 by Chris Brook

Google announced Monday that it will distrust certificates issued by WoSign and StartCom when in it ships Chrome 56 in January 2017.

Continue reading Google to Distrust WoSign, StartCom Certs in 2017→

Apple To Block WoSign Intermediate Certificates

Posted on October 3, 2016 by Chris Brook

Apple said over the weekend it would soon distrust certificates issued by WoSign’s Free SSL Certificate G2 intermediate CA on macOS. Continue reading Apple To Block WoSign Intermediate Certificates→

Mozilla to take action against WoSign’s woeful cryptographic blunders

Posted on September 28, 2016 by Paul Ducklin

Mozilla is finally planning to take action against the CA that signed a top-level Github certificate for a random user. Continue reading Mozilla to take action against WoSign’s woeful cryptographic blunders→

Mozilla Wants to Drop WoSign as Trusted CA

Posted on September 27, 2016 by Michael Mimoso

Mozilla has proposed banning new SHA-1 certificates from Chinese Certificate Authority WoSign for one year after it accused the CA of back-dating the deprecated certs. Continue reading Mozilla Wants to Drop WoSign as Trusted CA→

Firefox ready to block certificate authority that threatened Web security

Posted on September 27, 2016 by Dan Goodin

Mozilla says it has lost confidence in WoSign’s ability to protect HTTPS system. Continue reading Firefox ready to block certificate authority that threatened Web security→

How one man could have owned GitHub, and what happened next…

Posted on August 31, 2016 by Paul Ducklin

A blundering Certificate Authority called “WoSign” is causing consternation amongst Mozilla’s security policy team. Continue reading How one man could have owned GitHub, and what happened next…→

Chinese Certificate Authority ‘mistakenly’ gave out SSL Certs for GitHub Domains

Posted on August 29, 2016 by Swati Khandelwal

A Chinese certificate authority (CA) appeared to be making a significant security blunder by handing out duplicate SSL certificates for a base domain if someone just has control over its any subdomain.

The certificate authority, named WoSign, issued … Continue reading Chinese Certificate Authority ‘mistakenly’ gave out SSL Certs for GitHub Domains→