Chikunguru 26, 2019 Google kuderedza iyo yakanyanya kunaka nguva yeSSL/TLS server zvitupa kubva pamazuva ano 825 kusvika kumazuva 397 (inenge mwedzi gumi nenhatu), ndiko kuti, nehafu. Google inotenda kuti chete otomatiki yakakwana yezviito zvine zvitupa ndiyo inobvisa matambudziko aripo ekuchengetedza, ayo anowanzo kuverengerwa zvinhu zvevanhu. Naizvozvo, zvine musoro, munhu anofanirwa kuyedza kuburitsa otomatiki kwezvitupa zvenguva pfupi.
Nyaya yacho yakavhoterwa muCA/Browser Forum (CABF), iyo inoisa zvinodiwa pazvitupa zveSSL/TLS, kusanganisira nguva yakawandisa.
Uye ipapo September 10 : nhengo dze consortium dzakavhota against zvinopihwa.
Mhinduro
Chitupa Chinopa Kuvhota
Kwe (11 mavhoti): Amazon, Buypass, Certigna (DHIMYOTIS), certSIGN, Sectigo (yaimbova Comodo CA), eMudhra, Kamu SM, Let's Encrypt, Logius, PKIoverheid, SHECA, SSL.com
Kurwisana (20): Camerfirma, Certum (Asseco), CFCA, Chunghwa Telecom, Comsign, D-TRUST, DarkMatter, Entrust Datacard, Firmaprofesional, GDCA, GlobalSign, GoDaddy, Izenpe, Network Solutions, OATI, SECOM, SwissSign, TWCA, TrustCor, SecureTrust (yaimbova Trustwave)
Kurambidzwa (2): HARICA, TurkTrust
Kuvhota kwevatengi vezvitupa
Zve(7): Apple, Cisco, Google, Microsoft, Mozilla, Opera, 360
Kupesana: 0
Abstained: 0
Zvinoenderana nemitemo yeCA/Browser Forum, chitupa chinofanirwa kubvumidzwa nezvikamu zviviri muzvitatu zvevanopa zvitupa uye 50% pamwe nevhoti imwe chete pakati pevatengi.
Vamiriri veDigicert nekudarika vhoti, kwavaizovhota vachitsigira kudzikiswa kwenguva yezvitupa. Ivo vanocherekedza kuti kune vamwe vatengi, iyo ipfupi nguva inogona kunge iri dambudziko, asi kune kwenguva refu yekuchengetedza mabhenefiti.
Imwe nzira kana imwe, indasitiri haisati yagadzirira kupfupisa nguva yechokwadi yezvitupa uye chinja zvachose kune otomatiki mhinduro. Zviremera zveSitifiketi pachavo zvinogona kupa masevhisi akadaro, asi vatengi vazhinji havasati vaita otomatiki. Naizvozvo, kuderedzwa kwemazuva ekupedzisira kusvika kumazuva 397 kwakamiswa ikozvino. Asi mubvunzo unoramba wakavhurika.
Iye zvino Google inogona kuedza kushandisa chiyero "nechisimba", sezvayakaita neprotocol . Uyezve, inotsigirwawo nevamwe vanogadzira: Apple, Microsoft, Mozilla uye Opera.
Ngatiyeukei kuti otomatiki yakazara ndeimwe yemisimboti iyo basa reiyo isiri-purofiti certification centre Let's Encrypt yakavakirwa. Inopa zvitupa zvemahara kumunhu wese, asi huwandu hwehupenyu hwechitupa hunogumira kumazuva makumi mapfumbamwe. Zvitupa zvine hupenyu hupfupi :
- kudzikisira kukuvadzwa kubva kumakiyi akakanganiswa uye zvitupa zvisirizvo zvakapihwa, sezvo zvichishandiswa kwenguva pfupi;
- zvitupa zvenguva pfupi zvinotsigira uye zvinokurudzira otomatiki, izvo zvinonyanya kudiwa kuti zvive nyore kushandisa HTTPS. Kana tichizotamisa World Wide Web yese kuenda kuHTTPS, saka hatingatarisire maneja wesaiti yega yega iripo kuti agadzirise zvitupa. Kamwe kuburitswa kwechitupa uye kuvandudzwa kwave kuita otomatiki zvizere, hupfupi setifiketi hupenyu huchava nyore uye hunoshanda.
zvakaratidza kuti 73,7% yevakapindura "asi tsigiro" kupfupisa nguva yechokwadi yezvitupa.
Kana iri yekuvanza iyo EV icon yeSSL zvitupa mubhawa rekero, iyo consortium haina kuvhota panyaya iyi, nekuti nyaya yebrowser UI iri mukati mekugona kwevagadziri. MunaGunyana-Gumiguru, shanduro itsva dzeChrome 77 uye Firefox 70 dzichaburitswa, izvo zvichabvisa zvitupa zveEV zvenzvimbo yakakosha mubhurawuza kero bar. Hezvino izvo shanduko inotaridzika sekushandisa desktop desktop yeFirefox 70 semuenzaniso:
Waive:
Kuda:
Sekureva kwenyanzvi yekuchengetedza Troy Hunt, kubvisa ruzivo rweEV kubva kukero bar yebrowser .
Source: www.habr.com