Luulyo 26, 2019 Google
Arrinka waxa loo codeeyay madasha CA/Browser (CABF), kaas oo dejinaya shuruudaha shahaadooyinka SSL/TLS, oo ay ku jiraan muddada ugu badan ee ansaxinta.
Ka dibna Sebtembar 10-keeda
Π Π΅Π·ΡΠ»ΡΡΠ°ΡΡ
Codbixinta Bixiyaha Shahaadada
(11 cod): Amazon, Buypass, Certigna (DHIMYOTIS), certSIGN, Sectigo ( hore Comodo CA), eMudhra, Kamu SM, Aynu Encrypt, Logius, PKIoverheid, SHECA, SSL.com
Ka soo horjeeda (20): Camerfirma, Certum (Asseco), CFCA, Chunghwa Telecom, Comsign, D-TRUST, DarkMatter, Entrust Datacard, Firmaprofesional, GDCA, GlobalSign, GoDaddy, Izenpe, Network Solutions, OATI, SECOM, SwissSign, TWCA, TrustCor, SecureTrust Trustwave)
Waa laga aamusay (2): HARICA, TurkTrust
Codeynta macaamiisha shahaado
loogu talagalay (7): Apple, Cisco, Google, Microsoft, Mozilla, Opera, 360
Ka soo horjeedda: 0
Waa laga aamusay: 0
Marka loo eego xeerarka Madasha CA/Browser, shahaado waa in ay ansixiyaan saddex-meelood labo meel bixiyayaasha shahaadooyinka iyo 50% oo lagu daray hal cod oo macaamiisha ah.
Wakiilada Digicert
Hal hab ama si kale, warshaduhu wali diyaar uma aha inay soo gaabiyaan muddada ansaxnimada shahaadooyinka oo ay gebi ahaanba u beddelaan xalalka otomaatiga ah. Maamulka shahaadada laftooda ayaa bixin kara adeegyadan, laakiin macaamiil badan ayaan wali hirgelin otomaatignimada. Sidaa darteed, dhimista wakhtiga kama dambaysta ah ee 397 ayaa dib loo dhigay hadda. Laakiin su'aashu way furan tahay.
Hadda Google waxa laga yaabaa inay isku daydo inay fuliso heerka βsi qasab ahβ, sidii ay ku samaysay borotokoolka
Aan dib u xasuusanno in otomaatig buuxa uu yahay mid ka mid ah mabaadi'da ay ku saleysan tahay shaqada xarunta shahaadaynta aan faa'iido doonka ahayn Aynu sir qaadno. Waxay siisaa shahaado bilaash ah qof walba, laakiin cimriga ugu badan ee shahaadodu waxay ku kooban tahay 90 maalmood. Shahaadooyinku waxay leeyihiin cimri gaaban
- xaddidaya burburka furayaasha la jabiyay iyo shahaadooyinka sida khaldan loo bixiyay, maadaama la isticmaalo waqti gaaban;
- shahaadooyinka cimriga gaaban waxay taageeraan oo dhiirigeliyaan automation-ka, kaas oo gabi ahaanba lama huraan u ah fududaynta isticmaalka HTTPS. Haddii aan u haajirayno dhammaan Shabakadda Caalamiga ah ee HTTPS, markaa kama filan karno maamulaha goob kasta oo jira inuu gacanta ku cusboonaysiiyo shahaadooyinka. Marka bixinta shahaado bixinta iyo cusboonaysiinta ay noqdaan kuwo si toos ah otomaatig ah u socda, cimriga shahaado gaaban ayaa noqon doonta mid ku haboon oo la taaban karo.
Marka laga hadlayo qarinta summada EV ee shahaadooyinka SSL ee barta ciwaanka, isbahaysigu uma codayn arrintan, sababtoo ah arrinta browserka UI gabi ahaanba waxay ku jirtaa awoodda horumariyeyaasha. Bilaha Sebtembar-Oktoobar, noocyo cusub oo Chrome 77 ah iyo Firefox 70 ah ayaa la sii deyn doonaa, kuwaas oo ka reebaya shahaadooyinka EV meel gaar ah barta ciwaanka browserka. Waa kuwan sida uu isbeddelku u eg yahay iyadoo la adeegsanayo nooca desktop-ka ee Firefox 70 tusaale ahaan:
Waxay ahayd:
dardaaran:
Sida uu qabo khabiirka amniga Troy Hunt, ka saaraya macluumaadka EV barta ciwaanka ee daalacashada
Source: www.habr.com