Horumarinta mashruuca Chromium , kaas oo dejinaya inta ugu badan cimriga shahaadooyinka TLS ilaa 398 maalmood (13 bilood).
Shardidu waxay qusaysaa dhammaan shahaadooyinka server-ka dadweynaha ee la soo saaray wixii ka dambeeya Sebtembar 1, 2020. Haddi shahaadu ay ku waafi weydo qaanuunkan, browserka ayaa u diidi doona mid aan sax ahayn oo si gaar ah uga jawaabi doona cilad ERR_CERT_VALIDITY_TOO_LONG.
Shahaadooyinka la helo ka hor Sebtembar 1, 2020, kalsoonida waa la ilaalin doonaa iyo (2,2 sano), sida maanta oo kale.
Markii hore, horumariyayaashii Firefox iyo daalacashada Safari waxay soo bandhigeen xaddidaadyo ku saabsan nolosha ugu badan ee shahaadooyinka. Isbeddel sidoo kale .
Tani waxay ka dhigan tahay in shabakadaha isticmaala shahaadooyinka nolosha dheer ee SSL/TLS ee la soo saaro ka dib barta goynta ay ku tuuri doonaan khaladaadka sirta ah ee daalacashada.
Apple wuxuu ahaa kii ugu horreeyay ee ku dhawaaqay siyaasadda cusub kulanka golaha CA/Browser . Markii la soo bandhigayay sharciga cusub, Apple wuxuu ballanqaaday inuu ku dabaqi doono dhammaan aaladaha iOS iyo macOS. Tani waxay cadaadis saaraysaa maamulayaasha mareegaha iyo horumariyayaasha si ay u hubiyaan in shahaadooyinkooda ay waafaqsan yihiin.
Soo gaabinta cimriga shahaadooyinka waxa ka hadlay muddo bilo ah Apple, Google, iyo xubnaha CA/Browser kale. Siyaasaddani waxay leedahay faa'iidooyin iyo faa'iido darrooyinkeeda.
Hadafka tillaabadan ayaa ah in la wanaajiyo amniga mareegaha iyada oo la hubinayo in horumariyayaashu isticmaalaan shahaadooyin heerarkii ugu dambeeyay ee cryptographic, iyo in la dhimo tiradii hore, shahaadooyinka la ilaaway ee suurtagalka ah in la xado oo dib loogu isticmaalo phishing iyo xaasidnimo wadista weerarrada. Haddii weerarradu ay jebin karaan xog-ururinta heerka SSL/TLS, shahaadooyinka muddada-gaaban ayaa hubin doona in dadku u beddelaan shahaadooyin sugan muddo sannad gudihiis ah.
Soo gaabinta muddada ansaxinta shahaadooyinka ayaa leh xoogaa khasaare ah. Waxaa la xusay in iyadoo la kordhinayo inta jeer ee beddelka shahaadooyinka, Apple iyo shirkado kale ay sidoo kale nolosha ku adkeynayaan milkiilayaasha goobta iyo shirkadaha ay tahay inay maamulaan shahaadooyinka iyo u hoggaansanaanta.
Dhanka kale, Aynu sir dhigno iyo masuuliyiinta kale ee shahaadooyinka waxay ku dhiirigeliyaan maamulayaasha shabakadaha inay hirgeliyaan hababka otomaatiga ah ee cusboonaysiinta shahaadooyinka. Tani waxay yaraynaysaa kharashka bini'aadamka iyo khatarta khaladaadka maadaama inta jeer ee beddelka shahaadada ay korodho.
Sidaad ogtahay, Aynu sirno soo saarno shahaadooyin HTTPS bilaash ah oo dhacaya 90 maalmood ka dib oo siisa qalab si otomaatig ah loogu cusbooneysiiyo. Markaa hadda shahaadooyinkan ayaa si ka sii wanaagsan ugu habboon kaabayaasha guud maadaama daalacayaashu dejiyaan xadka ugu badnaan ee ansaxnimada.
Isbeddelkan waxaa codeeyay xubnaha CA/Browser Forum, laakiin go'aanka .
Π Π΅Π·ΡΠ»ΡΡΠ°ΡΡ
Codbixinta Bixiyaha Shahaadada
(11 cod): Amazon, Buypass, Certigna (DHIMYOTIS), certSIGN, Sectigo ( hore Comodo CA), eMudhra, Kamu SM, Aynu Encrypt, Logius, PKIoverheid, SHECA, SSL.com
Ka soo horjeeda (20): Camerfirma, Certum (Asseco), CFCA, Chunghwa Telecom, Comsign, D-TRUST, DarkMatter, Entrust Datacard, Firmaprofesional, GDCA, GlobalSign, GoDaddy, Izenpe, Network Solutions, OATI, SECOM, SwissSign, TWCA, TrustCor, SecureTrust Trustwave)
Waa laga aamusay (2): HARICA, TurkTrust
Codeynta macaamiisha shahaado
loogu talagalay (7): Apple, Cisco, Google, Microsoft, Mozilla, Opera, 360
Ka soo horjeedda: 0
Waa laga aamusay: 0
Darowsarrada ayaa hadda dhaqan geliya siyaasaddan iyaga oo aan ogolaansho ka haysan maamulka shahaadada
Source: www.habr.com