https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/eUAKwjihhBs/rpxMXjZHCQAJ
The action comes after Symantec was found to have misissued 30,000 SSL certs and did nothing to ensure there won't be further issuance.
Extended Validation (green bar) will be turned off for EV certs issued by Symantec in the next release.
The validity period (from issuance) for Symantec certs will decrease with each Chrome release from now on from 33 months to 9 months max.
>anti-virus
do people really are this stupid resource eating bloaty piece of shit which datamines you and instead of securing your system adds even more 0 day holes
are you this stupid people?
>>59543258
This has nothing to do with their "anti-virus" business.
Symantec owns Verisign and Thawte, controlling about 15% of the SSL cert market.
This is enormous. 15% of the market is understating it quite a bit.
Verisign own GeoTrust, Symantec, and Thawte. That's quite a lot of the commercial certificates out there which will rapidly become untrusted as to EV and will be phased out due to - well, they fucked up. There was widespread misissuance, and evidence (via Certificate Transparency - thanks, Adam and Ryan!) has been found of it.
Verisign are also the custodians for the .COM and .NET domains from ICANN, and have been since their inception. ICANN need to be informed of an irregularity of this enormity.
>>59543626
My bank uses Symantec.
In fact, I think most banks use Symantec/Verisign.
>>59543670
yep
idk any that don't
Man fuck google, "we're big enough that we can bully anyone into doing shit we want"
>>59544266
US Bank uses Entrust.