NgoJulayi 26, 2019 kuGoogle ukunciphisa ubuninzi bexesha lezatifikethi zeseva ye-SSL/TLS ukusuka kwiintsuku ezingama-825 ukuya kwiintsuku ezingama-397 (malunga neenyanga ezili-13), oko kukuthi, malunga nesiqingatha. UGoogle ukholelwa ukuba kukuphela okupheleleyo kokuzenzekela kwezenzo ezinezatifikethi eziya kususa iingxaki zangoku zokhuseleko, ezihlala zibalelwa kwizinto zabantu. Ke ngoko, ngokufanelekileyo, umntu kufuneka alwele ukukhutshwa okuzenzekelayo kwezatifikethi zexesha elifutshane.
Lo mba uye wavotelwa kwi-CA/Browser Forum (CABF), emisela iimfuno zezatifikethi ze-SSL/TLS, kuquka elona xesha liphezulu lokuqinisekisa.
Kwaye ke ngoSeptemba 10 : amalungu ekhonsortium avotele против unikezelo.
Iziphumo
Ukuvota koMniki weSatifikethi
Ku (11 iivoti): Amazon, Buypass, Certigna (DHIMYOTIS), certSIGN, Sectigo (eyayifudula iyiComodo CA), eMudhra, Kamu SM, Masifihle, Logius, PKIoverheid, SHECA, SSL.com
Ngokuchasene (20): Camerfirma, Certum (Asseco), CFCA, Chunghwa Telecom, Comsign, D-TRUST, DarkMatter, Entrust Datacard, Firmaprofesional, GDCA, GlobalSign, GoDaddy, Izenpe, Network Solutions, OATI, SECOM, SwissSign, TWCA, TrustCor, SecureTrust (yangaphambili Trustwave)
Akakhange (2): HARICA, TurkTrust
Ukuvota kwabathengi besatifikethi
Ye (7): Apple, Cisco, Google, Microsoft, Mozilla, Opera, 360
Ngokuchasene: 0
Uyekile: 0
Ngokwemigaqo ye-CA/Browser Forum, isatifikethi kufuneka sivunywe sisibini esithathwini sabaniki besatifikethi kunye nama-50% kunye nevoti enye phakathi kwabathengi.
Abameli beDigicert ngokutsiba ivoti, apho bebeza kuvota bexhasa ukuncitshiswa kwexesha lezatifiketi. Baqaphela ukuba kubathengi abathile, ixesha elifutshane linokuba yingxaki, kodwa kukho izibonelelo zokhuseleko zexesha elide.
Enye indlela okanye enye, ishishini alikakulungeli ukunciphisa ixesha lokuqinisekisa iziqinisekiso kunye nokutshintshela ngokupheleleyo kwizisombululo ezizenzekelayo. Amagunya esatifikethi ngokwawo anokubonelela ngeenkonzo ezinjalo, kodwa abathengi abaninzi abakayiphumezi i-automation. Ke ngoko, ukuncitshiswa komhla obekiweyo ukuya kwiintsuku ezingama-397 kuhlehlisiwe okwangoku. Kodwa umbuzo uhlala uvulekile.
Ngoku uGoogle unokuzama ukusebenzisa umgangatho "ngokunyanzeliswa", njengoko wenzayo ngeprotocol . Ngaphezu koko, ikwaxhaswa nangabanye abaphuhlisi: iApple, iMicrosoft, iMozilla kunye neOpera.
Masikhumbule ukuba i-automation epheleleyo yenye yemigaqo apho umsebenzi weziko lezatifikethi ezingenzi nzuzo Masibhale phantsi. Ikhupha izatifikethi zasimahla kuye wonke umntu, kodwa ubomi besatifikethi bukhawulelwe kwiintsuku ezingama-90. Izatifikethi zinexesha elifutshane lokuphila :
- ukunciphisa umonakalo ovela kwizitshixo ezithintekayo kunye nezatifikethi ezikhutshwe ngokungachanekanga, ekubeni zisetyenziselwa ixesha elifutshane;
- izatifikethi ezihlala ixesha elifutshane zixhasa kwaye zikhuthaza ukuzenzekelayo, okuyimfuneko ngokupheleleyo ukuze kube lula ukusetyenziswa kwe-HTTPS. Ukuba siza kufuduka iWorld Wide Web kwi-HTTPS, ngoko asinakulindela ukuba umlawuli wendawo nganye ekhoyo ahlaziye iziqinisekiso. Nje ukuba ukukhutshwa kwesatifikethi kunye nohlaziyo lwenziwe ngokuzenzekela ngokupheleleyo, ubomi besatifikethi esifutshane buya kuba lula kwaye busebenziseke.
ibonise ukuba i-73,7% yabaphenduli "ixhasa inkxaso" yokunciphisa ixesha lokuqinisekiswa kwezatifikethi.
Ngokuphathelele ukufihla i-icon ye-EV yezatifikethi ze-SSL kwibha yedilesi, i-consortium ayizange ivote kulo mbandela, kuba umba we-browser ye-UI ungaphakathi ngokupheleleyo kwikhono labaphuhlisi. NgoSeptemba-Okthobha, iinguqulelo ezintsha zeChrome 77 kunye neFirefox 70 ziya kukhutshwa, eziya kuthi zithintele izatifikethi ze-EV kwindawo ekhethekileyo kwibha yedilesi yesikhangeli. Nalu utshintsho olujongeka ngathi usebenzisa i-desktop yeFirefox 70 njengomzekelo:
Yayiyi:
Intando:
Ngokutsho kwengcali yezokhuseleko uTroy Hunt, ukususa ulwazi lwe-EV kwibar yedilesi yeziphequluli .
umthombo: www.habr.com
