Luulyo 26, 2019 Google hoos u dhig muddada ugu badan ee ansaxnimada SSL/TLS ee shahaadooyinka serverka laga bilaabo 825 maalmood ilaa 397 maalmood (qiyaastii 13 bilood), taas oo ah, qiyaastii kala badh. Google wuxuu aaminsan yahay in kaliya dhammaystirka otomatiga ah ee ficillada leh shahaadooyinka ay ka takhalusi doonaan dhibaatooyinka amniga ee hadda jira, kuwaas oo inta badan loo aaneeyo arrimaha aadanaha. Sidaa darteed, sida ugu habboon, qofku waa inuu ku dadaalaa sidii si toos ah loogu soo saari lahaa shahaadooyin waqti-gaaban.
Arrinka waxa loo codeeyay madasha CA/Browser (CABF), kaas oo dejinaya shuruudaha shahaadooyinka SSL/TLS, oo ay ku jiraan muddada ugu badan ee ansaxinta.
Ka dibna Sebtembar 10-keeda : Xubnaha dalada ayaa u codeeyay ka hor dalabyo.
Π Π΅Π·ΡΠ»ΡΡΠ°ΡΡ
Codbixinta Bixiyaha Shahaadada
(11 cod): Amazon, Buypass, Certigna (DHIMYOTIS), certSIGN, Sectigo ( hore Comodo CA), eMudhra, Kamu SM, Aynu Encrypt, Logius, PKIoverheid, SHECA, SSL.com
Ka soo horjeeda (20): Camerfirma, Certum (Asseco), CFCA, Chunghwa Telecom, Comsign, D-TRUST, DarkMatter, Entrust Datacard, Firmaprofesional, GDCA, GlobalSign, GoDaddy, Izenpe, Network Solutions, OATI, SECOM, SwissSign, TWCA, TrustCor, SecureTrust Trustwave)
Waa laga aamusay (2): HARICA, TurkTrust
Codeynta macaamiisha shahaado
loogu talagalay (7): Apple, Cisco, Google, Microsoft, Mozilla, Opera, 360
Ka soo horjeedda: 0
Waa laga aamusay: 0
Marka loo eego xeerarka Madasha CA/Browser, shahaado waa in ay ansixiyaan saddex-meelood labo meel bixiyayaasha shahaadooyinka iyo 50% oo lagu daray hal cod oo macaamiisha ah.
Wakiilada Digicert si ay uga boodaan codbixinta, halkaas oo ay ugu codayn lahaayeen dhimista muddada ansaxinta shahaadooyinka. Waxay xuseen in macaamiisha qaarkood, muddada gaaban ay noqon karto dhibaato, laakiin waxaa jira faa'iidooyin amniga muddada-dheer.
Hal hab ama si kale, warshaduhu wali diyaar uma aha inay soo gaabiyaan muddada ansaxnimada shahaadooyinka oo ay gebi ahaanba u beddelaan xalalka otomaatiga ah. Maamulka shahaadada laftooda ayaa bixin kara adeegyadan, laakiin macaamiil badan ayaan wali hirgelin otomaatignimada. Sidaa darteed, dhimista wakhtiga kama dambaysta ah ee 397 ayaa dib loo dhigay hadda. Laakiin su'aashu way furan tahay.
Hadda Google waxa laga yaabaa inay isku daydo inay fuliso heerka βsi qasab ahβ, sidii ay ku samaysay borotokoolka . Intaa waxaa dheer, waxaa sidoo kale taageera horumarinta kale: Apple, Microsoft, Mozilla iyo Opera.
Aan dib u xasuusanno in otomaatig buuxa uu yahay mid ka mid ah mabaadi'da ay ku saleysan tahay shaqada xarunta shahaadaynta aan faa'iido doonka ahayn Aynu sir qaadno. Waxay siisaa shahaado bilaash ah qof walba, laakiin cimriga ugu badan ee shahaadodu waxay ku kooban tahay 90 maalmood. Shahaadooyinku waxay leeyihiin cimri gaaban :
- xaddidaya burburka furayaasha la jabiyay iyo shahaadooyinka sida khaldan loo bixiyay, maadaama la isticmaalo waqti gaaban;
- shahaadooyinka cimriga gaaban waxay taageeraan oo dhiirigeliyaan automation-ka, kaas oo gabi ahaanba lama huraan u ah fududaynta isticmaalka HTTPS. Haddii aan u haajirayno dhammaan Shabakadda Caalamiga ah ee HTTPS, markaa kama filan karno maamulaha goob kasta oo jira inuu gacanta ku cusboonaysiiyo shahaadooyinka. Marka bixinta shahaado bixinta iyo cusboonaysiinta ay noqdaan kuwo si toos ah otomaatig ah u socda, cimriga shahaado gaaban ayaa noqon doonta mid ku haboon oo la taaban karo.
waxay muujisay in 73,7% jawaab bixiyaasha ay "taageerayaan" soo gaabinaya muddada ansaxinta shahaadooyinka.
Marka laga hadlayo qarinta summada EV ee shahaadooyinka SSL ee barta ciwaanka, isbahaysigu uma codayn arrintan, sababtoo ah arrinta browserka UI gabi ahaanba waxay ku jirtaa awoodda horumariyeyaasha. Bilaha Sebtembar-Oktoobar, noocyo cusub oo Chrome 77 ah iyo Firefox 70 ah ayaa la sii deyn doonaa, kuwaas oo ka reebaya shahaadooyinka EV meel gaar ah barta ciwaanka browserka. Waa kuwan sida uu isbeddelku u eg yahay iyadoo la adeegsanayo nooca desktop-ka ee Firefox 70 tusaale ahaan:
Waxay ahayd:
dardaaran:
Sida uu qabo khabiirka amniga Troy Hunt, ka saaraya macluumaadka EV barta ciwaanka ee daalacashada .
Source: www.habr.com