July 26, 2019 Google chepetsani nthawi yovomerezeka ya ziphaso za seva ya SSL/TLS kuyambira masiku 825 mpaka masiku 397 (pafupifupi miyezi 13), ndiye kuti, pafupifupi theka. Google imakhulupirira kuti kungochita zokha zokha zokhala ndi satifiketi kudzachotsa mavuto omwe alipo, omwe nthawi zambiri amabwera chifukwa cha anthu. Chifukwa chake, moyenera, munthu ayenera kuyesetsa kuti apereke ma satifiketi akanthawi kochepa.
Nkhaniyi idavoteredwa mu CA/Browser Forum (CABF), yomwe imakhazikitsa zofunikira pa satifiketi za SSL/TLS, kuphatikiza nthawi yovomerezeka.
Ndiyeno September 10 : mamembala a consortium adavotera motsutsa malingaliro.
Zotsatira
Kuvota kwa Wopereka Satifiketi
Kwa (11 mavoti): Amazon, Buypass, Certigna (DHIMYOTIS), certSIGN, Sectigo (omwe kale anali Comodo CA), eMudhra, Kamu SM, Let's Encrypt, Logius, PKIoverheid, SHECA, SSL.com
Ndi (20): Camerfirma, Certum (Asseco), CFCA, Chunghwa Telecom, Comsign, D-TRUST, DarkMatter, Entrust Datacard, Firmaprofesional, GDCA, GlobalSign, GoDaddy, Izenpe, Network Solutions, OATI, SECOM, SwissSign, TWCA, TrustCor, SecureTrust (kale) Trustwave)
Zopanda (2): HARICA, TurkTrust
Ogula satifiketi akuvota
Za (7): Apple, Cisco, Google, Microsoft, Mozilla, Opera, 360
Motsutsa: 0
Wakana: 0
Malinga ndi malamulo a CA/Browser Forum, satifiketi iyenera kuvomerezedwa ndi magawo awiri mwa atatu a opereka satifiketi ndi 50% kuphatikiza voti imodzi pakati pa ogula.
Oimira a Digicert chifukwa chodumpha voti, pomwe akanavota mokomera kuchepetsa nthawi yovomerezeka ya ziphaso. Amazindikira kuti kwa makasitomala ena, nthawi yayifupi ikhoza kukhala vuto, koma pali zopindulitsa zanthawi yayitali.
Mwanjira ina, makampaniwa sanakonzekere kufupikitsa nthawi yovomerezeka ya ziphaso ndikusintha kwathunthu ku mayankho odzichitira okha. Oyang'anira ziphaso okha amatha kupereka izi, koma makasitomala ambiri sanagwiritsebe ntchito makinawo. Chifukwa chake, kuchepetsedwa kwa tsiku lomaliza kukhala masiku 397 kwayimitsidwa pano. Koma funso likadali lotseguka.
Tsopano Google ikhoza kuyesa kukhazikitsa "mokakamiza", monga momwe idachitira ndi protocol . Kuphatikiza apo, imathandizidwanso ndi opanga ena: Apple, Microsoft, Mozilla ndi Opera.
Tikumbukire kuti automation yathunthu ndi imodzi mwama mfundo omwe ntchito ya malo osapindulitsa a certification Let's Encrypt idakhazikitsidwa. Imapereka ziphaso zaulere kwa aliyense, koma nthawi yayitali ya satifiketi imakhala masiku 90. Zikalata zimakhala ndi moyo waufupi :
- kuchepetsa kuwonongeka kwa makiyi osokonezedwa ndi ziphaso zoperekedwa molakwika, chifukwa zimagwiritsidwa ntchito kwakanthawi kochepa;
- satifiketi yanthawi yayitali imathandizira ndikulimbikitsa zodzichitira, zomwe ndizofunikira kwambiri kuti mugwiritse ntchito HTTPS mosavuta. Ngati tisamutsa Webusaiti Yonse Yapadziko Lonse kupita ku HTTPS, ndiye kuti sitingayembekezere kuti woyang'anira tsamba lililonse lomwe alipo kuti asinthe satifiketi pamanja. Kupereka satifiketi ndi kukonzanso kukakhala kokhazikika, nthawi yayitali ya satifiketi imakhala yosavuta komanso yothandiza.
adawonetsa kuti 73,7% ya omwe adafunsidwa "m'malo mwake amathandizira" akufupikitsa nthawi yovomerezeka ya ziphaso.
Ponena za kubisa chizindikiro cha EV cha ziphaso za SSL mu bar adilesi, consortium sinavote pankhaniyi, chifukwa nkhani ya msakatuli UI ili m'manja mwa opanga. Mu Seputembala-Oktoba, mitundu yatsopano ya Chrome 77 ndi Firefox 70 idzatulutsidwa, zomwe zidzatseketsa ziphaso za EV malo apadera mu bar adilesi ya osatsegula. Umu ndi momwe kusinthaku kukuwonekera pogwiritsa ntchito mtundu wa desktop wa Firefox 70 monga chitsanzo:
Anali:
Kufuna:
Malinga ndi katswiri wachitetezo Troy Hunt, kuchotsa zidziwitso za EV kuchokera pa adilesi ya asakatuli .
Source: www.habr.com