ProHoster > Π‘Π»ΠΎΠ³ > Kev tswj hwm > Lub Rooj Sib Tham CA/B tau pov npav tawm tsam txo lub sijhawm siv tau ntawm SSL daim ntawv pov thawj rau 397 hnub

Lub Rooj Sib Tham CA/B tau pov npav tawm tsam txo lub sijhawm siv tau ntawm SSL daim ntawv pov thawj rau 397 hnub

Lub Xya hli ntuj 26, 2019 Google ua ib qhov kev thov txo lub sijhawm siv tau ntau tshaj plaws ntawm SSL / TLS server daim ntawv pov thawj los ntawm 825 hnub tam sim no mus rau 397 hnub (kwv yees 13 lub hlis), uas yog kwv yees li ib nrab. Google ntseeg hais tias tsuas yog ua tiav automation ntawm kev ua nrog daim ntawv pov thawj yuav tshem tawm cov teeb meem kev nyab xeeb tam sim no, uas feem ntau yog vim tib neeg. Yog li ntawd, qhov zoo tshaj plaws, ib tus yuav tsum siv zog rau kev muab cov ntawv pov thawj luv luv.

Qhov teeb meem tau muab tso rau hauv kev pov npav hauv CA/Browser Forum (CABF), uas teeb tsa cov cai rau SSL / TLS daim ntawv pov thawj, suav nrog lub sijhawm siv tau siab tshaj plaws.

Thiab ces lub Cuaj Hlis 10th tau tshaj tawm: consortium cov tswv cuab voted tawm tsam cov lus qhia.

Π Π΅Π·ΡƒΠ»ΡŒΡ‚Π°Ρ‚Ρ‹

Certificate Issuer Voting

Rau (11 votes): Amazon, Buypass, Certigna (DHIMYOTIS), certSIGN, Sectigo (yav tas los Comodo CA), eMudhra, Kamu SM, Let's Encrypt, Logius, PKIoverheid, SHECA, SSL.com

Tawm tsam (20): Camerfirma, Certum (Asseco), CFCA, Chunghwa Telecom, Comsign, D-TRUST, DarkMatter, Entrust Datacard, Firmaprofesional, GDCA, GlobalSign, GoDaddy, Izenpe, Network Solutions, OATI, SECOM, SwissSign, TWCA, Secruster Trustwave)

Abstained (2): HARICA, TurkTrust

Certificate cov neeg siv khoom pov npav

Rau (7): Apple, Cisco, Google, Microsoft, Mozilla, Opera, 360

Tawm tsam: 0

Abstained: 0

Raws li CA/Browser Forum cov cai, daim ntawv pov thawj yuav tsum tau pom zoo los ntawm ob feem peb ntawm cov ntawv pov thawj thiab 50% ntxiv rau ib qho kev pov npav ntawm cov neeg siv khoom.

Cov neeg sawv cev ntawm Digicert thov txim rau hla kev pov npav, qhov twg lawv yuav tau pov ntawv pom zoo los txo lub sijhawm siv tau ntawm daim ntawv pov thawj. Lawv nco ntsoov tias rau qee tus neeg siv khoom, lub sijhawm luv luv yuav yog qhov teeb meem, tab sis muaj cov txiaj ntsig kev ruaj ntseg ntev.

Ib txoj kev lossis lwm qhov, kev lag luam tseem tsis tau npaj kom luv luv lub sijhawm siv tau ntawm daim ntawv pov thawj thiab hloov pauv mus rau cov kev daws teeb meem. Daim ntawv pov thawj tub ceev xwm lawv tus kheej tuaj yeem muab cov kev pabcuam zoo li no, tab sis ntau tus neeg siv khoom tseem tsis tau siv automation. Yog li ntawd, kev txo lub sijhawm kawg rau 397 hnub yog ncua rau tam sim no. Tab sis cov lus nug tseem qhib.

Tam sim no Google yuav sim siv tus qauv "yuav yuam kev", raws li nws tau ua nrog cov txheej txheem Daim ntawv pov thawj Transparency. Ntxiv mus, nws kuj tseem txhawb nqa los ntawm lwm tus tsim tawm: Apple, Microsoft, Mozilla thiab Opera.

Cia peb nco qab tias tag nrho automation yog ib qho ntawm cov hauv paus ntsiab lus ntawm kev ua haujlwm ntawm cov ntawv pov thawj tsis muaj txiaj ntsig Let's Encrypt raws li. Nws muab daim ntawv pov thawj pub dawb rau txhua tus, tab sis qhov siab tshaj plaws lifespan ntawm daim ntawv pov thawj yog txwv rau 90 hnub. Cov ntawv pov thawj muaj lub neej luv luv ob lub ntsiab zoo:

  1. txwv qhov kev puas tsuaj los ntawm cov yuam sij cuam tshuam thiab muab cov ntawv pov thawj tsis raug, vim lawv siv sijhawm luv dua;
  2. Cov ntawv pov thawj luv luv txhawb nqa thiab txhawb nqa automation, uas yog qhov tsim nyog rau qhov yooj yim ntawm kev siv HTTPS. Yog tias peb yuav tsiv mus nyob thoob plaws ntiaj teb Wide Web rau HTTPS, ces peb tsis tuaj yeem cia siab tias tus thawj coj ntawm txhua qhov chaw uas twb muaj lawm los hloov daim ntawv pov thawj manually. Thaum daim ntawv pov thawj tshaj tawm thiab rov ua dua tshiab tau ua tiav tag nrho, daim ntawv pov thawj lub neej luv dua yuav yooj yim dua thiab siv tau.

GlobalSign daim ntawv ntsuam xyuas ntawm Habre qhia tau tias 73,7% ntawm cov neeg teb "kev txhawb nqa" luv luv lub sijhawm siv tau ntawm daim ntawv pov thawj.

Raws li kev zais EV icon rau SSL daim ntawv pov thawj nyob rau hauv qhov chaw nyob bar, lub koom haum tsis tau pov npav rau qhov teeb meem no, vim hais tias qhov teeb meem ntawm browser UI yog tag nrho ntawm kev muaj peev xwm ntawm cov neeg tsim khoom. Thaum lub Cuaj Hlis-Lub Kaum Hli, cov qauv tshiab ntawm Chrome 77 thiab Firefox 70 yuav raug tso tawm, uas yuav tshem tawm EV daim ntawv pov thawj ntawm qhov chaw tshwj xeeb hauv qhov browser chaw nyob. Nov yog qhov kev hloov pauv zoo li siv lub desktop version ntawm Firefox 70 ua piv txwv:

Yog:

Lub Rooj Sib Tham CA/B tau pov npav tawm tsam txo lub sijhawm siv tau ntawm SSL daim ntawv pov thawj rau 397 hnub

Yuav:

Lub Rooj Sib Tham CA/B tau pov npav tawm tsam txo lub sijhawm siv tau ntawm SSL daim ntawv pov thawj rau 397 hnub

Raws li tus kws tshaj lij kev ruaj ntseg Troy Hunt, tshem tawm EV cov ntaub ntawv los ntawm qhov chaw nyob bar ntawm browsers tiag tiag buries hom ntawv pov thawj.

Tau qhov twg los: www.hab.com

Ntxiv ib saib