
Chrome’s Plan to Distrust Symantec Certificates (2017) - potench
https://security.googleblog.com/2017/09/chromes-plan-to-distrust-symantec.html
======
mehrdadn
Maybe add [2017]? I was confused why they were saying things "will" happen in
2017 until I read the date.

~~~
forgot-my-pw
Starting with Chrome 66, Chrome will remove trust in Symantec-issued
certificates issued prior to June 1, 2016. Chrome 66 is currently scheduled to
be released to Chrome Beta users on March 15, 2018 and to Chrome Stable users
around April 17, 2018.

~~~
mehrdadn
I was referring to this sentence:

> Additionally, by December 1, 2017, Symantec will transition issuance and
> operation of publicly-trusted certificates to DigiCert infrastructure.

------
purge
full history of Symantec CA issues:
[https://wiki.mozilla.org/CA:Symantec_Issues](https://wiki.mozilla.org/CA:Symantec_Issues)

------
forgot-my-pw
This is pretty big cause it also involves all Symantec issued certificates
including those operated by Symantec like GeoTrust and Thawte.

"...an initial set of reportedly 127 certificates has expanded to include at
least 30,000 certificates, issued over a period spanning several years."

