Results 1 to 3 of 3
  1. 29 September 2018, 10:04 pm #1
    universal4's Avatar
    universal4
    universal4 is offline Forum Administrator
    Join Date
    July 2003
    Location
    Courage is being scared to death...and saddling up anyway. John Wayne
    Posts
    32,692
    Thanks
    4,012
    Thanked 8,842 Times in 5,651 Posts

    Default Mozilla/Firefox planning on distrusting Symantec issued certificates

    I noticed some issues rendering some pages in Firefox so I was checking the change log threads and stumbled on this:

    In advance of removing all trust for Symantec-issued certificates in Firefox 63, a preference was added that allows users to distrust certificates issued by Symantec. To use this preference, go to about:config in the address bar and set the preference "security.pki.distrust_ca_policy" to 2.
    https://www.mozilla.org/en-US/firefo.../releasenotes/

    It seems a near future update will distrust all cert's issued by Symantec, so just in case anyone is using a cert issued by them you might want to redo the cert's.

    Rick
    Universal4

    (font bolded by me to draw attention to pertinent information)
    Reply With Quote Reply With Quote

  2. The Following 4 Users Say Thank You to universal4 For This Useful Post:

    Cash Bonus (29 September 2018), matthewt (30 October 2018), PROFRBcom (30 October 2018), The Buzz (30 September 2018)
  3. 30 October 2018, 3:48 pm #2
    PROFRBcom's Avatar
    PROFRBcom
    PROFRBcom is offline Private Member
    Send a message via Skype™ to PROFRBcom
    Join Date
    April 2013
    Posts
    2,169
    Thanks
    1,510
    Thanked 1,243 Times in 808 Posts

    Default

    I don't see any reason listed as to why Firefox would stop trusting a well known company's certs?
    https://professionalrakeback.com

    We write excellent long-form content for other webmasters, for free.
    How can we work together on a win/win deal? Be creative!

    I love all links, even NoFollow links!

    Lots of open positions available, PM me:
    • Poker Site Reviewer
    • Casino Site Reviewer
    • Sports Site Reviewer
    • Investigative Reporter
    • Poker Software Reviewer
    • Live Poker Venue Reviewers in US, CA, AU
    • Poker Book Reviewer
    • Drupal Developer
    • Forum Moderators
    • Twitch Poker Streamers
    Reply With Quote Reply With Quote
  4. 30 October 2018, 11:30 pm #3
    Muppet
    Muppet is offline Private Member
    Join Date
    December 2007
    Posts
    577
    Thanks
    166
    Thanked 661 Times in 290 Posts

    Default

    This has been going on for a few years already. The problem is that Symantec are a well known company that people trust, but their employees were not following proper process for verification of the identity of owners of sites they were issuing EV certs to. At one stage they issued an EV cert for google.com to an impersonator for example. Therefore their certificates are not considered trustworthy and it is a risk to your online safety for your browser to assume their certificates are legitimate.
    Reply With Quote Reply With Quote

  5. The Following User Says Thank You to Muppet For This Useful Post:

    Cash Bonus (31 October 2018)
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules