Kuwonjezedwa kwatsopano kungakhalenso kothandiza kwa malo omwe amagwira ntchito pazitukuko zazikulu zogawidwa zomwe zimakhala ndi zolemetsa zambiri. Zidziwitso Zoperekedwa zidzapewa kusunga makope a makiyi achinsinsi a ziphaso zazikulu pagawo lililonse loperekera zinthu. Ndi njira yachikale, kuwukira bwino kwa ma seva aliwonse omwe akukhudzidwa ndi kutumiza magalimoto a HTTPS kumabweretsa kusokonekera kwa satifiketi yonse. Ngati makiyi achinsinsi asamutsidwa kumanetiweki operekera zinthu, pamakhala ziwopsezo za kutayikira kwa data chifukwa cha kuwonongeka kwa ogwira ntchito, zochita za mabungwe azidziwitso, kapena kunyengerera kwa zomangamanga za CDN.
Ngati kutulutsa kofunikira sikunadziwike, iwo omwe apeza makiyi azitha kudziyika mosadziwika bwino mu traffic traffic (MITM) kwa nthawi yayitali, popeza nthawi zovomerezeka za satifiketi zimawerengedwa m'miyezi ndi zaka. Cloudflare imatha kuteteza makiyi a satifiketi ndi
Kuwonjezeredwa kwa TLS komwe kukuperekedwa kwa Delegated Credentials kumadzetsa kiyi yowonjezera yachinsinsi yapakatikati, kutsimikizika kwake kumangokhala maola kapena masiku angapo (osapitirira masiku 7). Kiyiyi imapangidwa kutengera satifiketi yoperekedwa ndi oyang'anira certification ndipo imakulolani kuti musunge chinsinsi chachinsinsi cha satifiketi yoyambirira kuchokera kuzinthu zoperekera zinthu, kuwapatsa satifiketi yakanthawi yokhala ndi moyo waufupi.
Pofuna kupewa zovuta zofikira kiyi yapakatikati itatha, ukadaulo wosinthira wokhazikika umaperekedwa kumbali ya seva yoyambirira ya TLS. Generation sichifuna ntchito zamanja kapena zolembera - seva yovomerezeka yomwe imafuna kiyi yachinsinsi, moyo wa kiyi yapitayo usanathe, imalumikizana ndi seva yoyambirira ya TLS ya tsambali ndipo imapanga kiyi yapakatikati pakanthawi kochepa.
Osakatula omwe amathandizira kuwonjezera kwa Delegated Credentials TLS aziona masatifiketi otengedwa ngati odalirika. Mwachitsanzo, kuthandizira pazowonjezera zomwe zafotokozedwazo zawonjezedwa kale kumapangidwe ausiku ndi mtundu wa beta wa Firefox ndipo zitha kutsegulidwa mu about:config posintha "security.tls.enable_delegated_credentials". Pakati pa mwezi wa November, kuyesanso kukonzedwa kuti kuchitidwe pakati pa anthu ambiri omwe amagwiritsa ntchito mitundu yoyesera ya Firefox "
Mafotokozedwe a Delegated Credentials aperekedwa ku komiti ya IETF (Internet Engineering Task Force), yomwe ili ndi udindo wopanga ma protocol ndi kamangidwe ka intaneti, ndipo ili pagulu.
Kuti mupange makiyi apakatikati, muyenera kupeza satifiketi ya TLS yomwe ili ndi chowonjezera chapadera cha X.509, chomwe pano chikuthandizidwa ndi olamulira a certification a DigiCert.
Source: opennet.ru