Firefox to distrust all TLS certificates issued by Symantec

No primary category set

From October the 23rd 2018, the Firefox browser will distrust any TLS certificates issued by Symantec (or a parter company), regardless of when it was issued. Firefox 60 (the current release) already displays an “untrusted connection” error for any website using a TLS/SSL certificate issued before June 1, 2016 that chains up to a Symantec root certificate.

Symantec were a bit naughty and allowed a few companies to issue their certificates that didn’t comply with industry standard guidelines. To wipe the slate clean, browsers will simply stop trusting certificates issued by Symantec along with those from various brands such as Thawte, VeriSign, Equifax, GeoTrust, and RapidSSL. Like Firefox, Google Chrome already distrust pre June 1, 2016 certificates and will distrust all Symantec certificates from the 16th October 2018.

In early March roughly 1% of websites were broken in Firefox 60 due to the change described above. Just before the release of Firefox 60 on May 9, 2018, less than 0.15% of websites were impacted – a major improvement in just a few months’ time. Still today, 3.5% of the top 1 million websites are using Symantec certificates that will be distrusted by October.

“We strongly encourage website operators to replace any remaining Symantec TLS certificates immediately to avoid impacting their users as these certificates become distrusted in Firefox Nightly and Beta over the next few months.”
– Firefox

When we last wrote about this issue, eBay and Amazon, the two biggest marketplaces in the UK both had security certificates issued by Symantec Corporation. Amazon upgraded to a DigiCert Inc certificate on the 28th of March with eBay also upgrading to a DigiCert Inc certificate on the 9th of July this year.

One Response

RELATED POSTS..

Google Chrome Cookie Tracking Protection

Google Chrome Cookie Tracking Protection

eBay-Developers-Program-eBay-Finding-API

eBay Finding API to be upgraded from HTTP to HTTPS

URL

Google hates URLs as much as you do

PayPal-Security-Certificate

PayPal one of 800,000 sites whose security certificate will soon be distrusted

HTTPS-SSL-Security

eBay UK Autumn Seller Release:
HTTPS on eBay

ChannelX Guide...

Featured in this article from the ChannelX Guide – companies that can help you grow and manage your business.

Latest

Take a look through a selection of the latest articles on ChannelX

Register for Newsletter

Receive 5 newsletters per week

Gain access to all research

Be notified of upcoming events and webinars