Google is losing trust in Entrust due to ongoing compliance issues and overall lack of improvement. Chrome users will no longer trust TLS server authentication certificates linked to Entrust or AffirmTrust roots by default, starting in version 127. Incidents highlighting Entrust’s behavior have caused Google to question their reliability and integrity as a certificate authority. Mozilla has also raised concerns about Entrust’s certificates, leading to Google’s decision to stop trusting them.
Despite a grace period to minimize disruptions, Google will no longer accept Entrust certificates after October 31. Users can manually trust these roots to maintain functionality, but the change will affect Chrome on all major operating systems except iOS. Website owners need to find a new certificate authority before the deadline to avoid Chrome warning visitors of an unsafe connection.
The decision serves as a reminder for certificate authorities to meet industry standards, especially with shorter certificate lifecycles and the rise of quantum computing. CAs and CLM vendors must comply with the CA/Browser Forum’s rules to ensure trust and security on the internet. Entrust has expressed disappointment with Google’s decision and is working on plans to continue providing TLS certificates to their customers.
Article Source
https://www.theregister.com/AMP/2024/06/28/google_axes_entrust_over_six/
