{"id":63,"date":"2016-11-01T15:19:51","date_gmt":"2016-11-01T07:19:51","guid":{"rendered":"https:\/\/www.sslcert.com.hk\/blog\/?p=63"},"modified":"2017-05-31T17:25:12","modified_gmt":"2017-05-31T09:25:12","slug":"google-firefox-and-apple-distrust-wosign-and-startcom-certificates-in-2017-2","status":"publish","type":"post","link":"https:\/\/www.sslcert.com.hk\/blog\/tw\/2016\/11\/01\/google-firefox-and-apple-distrust-wosign-and-startcom-certificates-in-2017-2\/","title":{"rendered":"Google, Firefox\u548cApple\u57282017\u5e74\u4e0d\u4fe1\u4efbWoSign\u548cStartCom\u8b49\u66f8"},"content":{"rendered":"<p><\/p>\n<p>\u5982\u679c\u60a8\u4f7f\u7528StartCom (StartSSL) \u6216WoSign\u8b49\u66f8, \u662f\u6642\u5019\u9700\u8981\u66f4\u8b8a\u4e86!<\/p>\n<p>Mozilla\u65bc2016\u5e7410\u670824\u65e5\u5ba3\u5e03, \u5f9eFirefox 51\u958b\u59cb, WoSign\u548cStartCom\u767c\u884c\u7684\u8b49\u66f8\u5c07\u4e0d\u88ab\u4fe1\u4efb.<\/p>\n<p>Google\u4e5f\u65bc2016\u5e7410\u670831\u65e5\u5ba3\u5e03, \u5f9e2017\u5e741\u6708Chrome 56\u958b\u59cb, Chrome\u5c07\u4e0d\u4fe1\u4efb\u8a8d\u8b49\u6a5f\u69cb\u7c3d\u767c\u7684\u8b49\u66f8 &#8211; WoSign\u548cStartCom, \u4ed6\u5011\u4e0d\u7b26\u5408\u8a8d\u8b49\u6a5f\u69cb\u7684\u671f\u671b\u6a19\u6e96.<\/p>\n<p>\u5169\u5bb6\u516c\u53f8\u90fd\u516c\u958b\u8b74\u8cacWoSign\u6545\u610f\u932f\u8aa4\u767c\u51fa\u8b49\u66f8, \u4ee5\u907f\u958b\u700f\u89bd\u5668\u9650\u5236\u548cCA\u8981\u6c42, \u4ed6\u5011\u9084\u6307\u8cacWoSign\u6536\u8cfcStartCom, WoSign\u548cStartCom\u7ba1\u7406\u5c64\u7a4d\u6975\u5617\u8a66\u8aa4\u5c0e\u700f\u89bd\u5668\u793e\u7fa4\u95dc\u65bc\u9019\u5169\u5bb6\u516c\u53f8\u7684\u6536\u8cfc\u548c\u95dc\u4fc2.<\/p>\n<p>\u6700\u53ef\u6015\u7684\u662fWoSign\u7684\u8aa4\u767c\u8b49\u66f8. GitHub\u7684\u5b89\u5168\u5c0f\u7d44\u65bc2016\u5e748\u670817\u65e5\u901a\u77e5Google, WoSign\u672a\u7d93\u6388\u6b0a\u5c31\u5411GitHub\u7684\u5176\u4e2d\u4e00\u500b\u57df\u540d\u9812\u767c\u4e86\u8b49\u66f8. Google\u8207Mozilla\u548c\u5b89\u5168\u793e\u5340\u5408\u4f5c, \u767c\u73fe\u4e86\u8a31\u591a\u985e\u4f3c\u7684\u6848\u4f8b.<\/p>\n<p>Mozilla\u7279\u5225\u767c\u5e03\u4e8613\u9801\u7684\u5831\u544a, \u89e3\u91cb\u4e86WoSign\u548cStartCom\u6240\u63d0\u51fa\u7684\u56b4\u91cd\u554f\u984c. Mozilla\u767c\u73feWoSign\u66fe\u7d93\u628aSSL\u8b49\u66f8\u65e5\u671f\u6539\u5230\u8f03\u65e9\u6642\u9593, \u4ee5\u907f\u958bCA\u57282016\u5e741\u67081\u65e5\u4e4b\u524d\u505c\u6b62\u767c\u5e03SHA-1 SSL\u8b49\u66f8\u7684\u622a\u6b62\u65e5\u671f.<\/p>\n<p>Google\u8868\u793a, \u5f9eChrome 56\u958b\u59cb\u5c07\u57282016\u5e7410\u670821\u65e5\u4e4b\u5f8c\u4e0d\u4fe1\u4efbWoSign\u548cStartCom\u8b49\u66f8. \u5728\u6b64\u65e5\u671f\u4e4b\u524d\u767c\u884c\u7684\u8b49\u66f8, \u5982\u679c\u9075\u5b88Chrome\u653f\u7b56\u7684Certificate Transparency, \u6709\u53ef\u80fd\u6703\u7e7c\u7e8c\u53d7\u5230\u4fe1\u8cf4.<\/p>\n<p>\u860b\u679c\u516c\u53f8\u5ba3\u5e03\u5c07\u963b\u622a\u7531WoSign CA Free SSL Certificate G2\u4e2d\u7e7cCA\u9812\u767c\u7684\u8b49\u66f8.<\/p>\n<p>\u7576\u6211\u5011\u8ac7\u8ad6\u5230SSL\u8b49\u66f8, \u5b89\u5168\u6027\u662f\u6700\u91cd\u8981\u7684. \u5411\u4e00\u4e9b\u4e0d\u9075\u7167\u570b\u969b\u6a19\u6e96\u7684\u8b49\u66f8\u9812\u767c\u6a5f\u69cb(CA)\u8cfc\u8cb7SSL\u8b49\u66f8, \u6216\u662f\u4f7f\u7528\u514d\u8cbb\u7684SSL\u4e26\u4e0d\u662f\u4e00\u500b\u597d\u9078\u64c7. \u4e0d\u4f46\u6703\u628a\u4f60\u7684\u7db2\u7ad9\u548c\u5ba2\u6236\u7684\u8cc7\u6599\u653e\u5230\u4e00\u500b\u5371\u96aa\u7684\u4f4d\u7f6e\u4e0a, \u66f4\u53ef\u80fd\u5c0e\u81f4\u4f60\u7684\u7db2\u7ad9\u51fa\u73fe\u932f\u8aa4\u5687\u8dd1\u4f60\u7684\u5ba2\u6236. \u5982\u679c\u4f60\u9084\u5728\u4f7f\u7528\u9019\u4e9b\u8b49\u66f8, \u7acb\u5373\u8f49\u7528\u4e00\u4e9b\u570b\u969b\u5927\u54c1\u724c\u5982Symantec, Geotrust, Thawte, RapidSSL, Comodo\u7684\u8b49\u66f8\u5427, \u9019\u53ef\u8b93\u4f60\u6e1b\u5c11\u5f88\u591a\u7169\u60f1\u548c\u63d0\u9ad8\u4f60\u7684\u7db2\u7ad9\u5b89\u5168\u6027.<\/p>\n<p>\u53c3\u8003:<br \/>https:\/\/security.googleblog.com\/2016\/10\/distrusting-wosign-and-startcom.html<br \/>https:\/\/blog.mozilla.org\/security\/2016\/10\/24\/distrusting-new-wosign-and-startcom-certificates\/<br \/>https:\/\/support.apple.com\/en-us\/HT204132<\/p>\n<p><\/p>","protected":false},"excerpt":{"rendered":"<p>\u5982\u679c\u60a8\u4f7f\u7528StartCom (StartSSL) \u6216WoSign\u8b49\u66f8, \u662f\u6642\u5019\u9700\u8981\u66f4\u8b8a\u4e86! Mozilla\u65bc2016\u5e7410\u670824\u65e5\u5ba3\u5e03, \u5f9eFirefox 51\u958b\u59cb, WoSign\u548cStartCom\u767c\u884c\u7684\u8b49\u66f8\u5c07\u4e0d\u88ab\u4fe1\u4efb. Google\u4e5f\u65bc2016\u5e7410\u670831\u65e5\u5ba3\u5e03, \u5f9e2017\u5e741\u6708Chrome 56\u958b\u59cb, Chrome\u5c07\u4e0d\u4fe1\u4efb\u8a8d\u8b49\u6a5f\u69cb\u7c3d\u767c\u7684\u8b49\u66f8 &#8211; WoSign\u548cStartCom, \u4ed6\u5011\u4e0d\u7b26\u5408\u8a8d\u8b49\u6a5f\u69cb\u7684\u671f\u671b\u6a19\u6e96. \u5169\u5bb6\u516c\u53f8\u90fd\u516c\u958b\u8b74\u8cacWoSign\u6545\u610f\u932f\u8aa4\u767c\u51fa\u8b49\u66f8, \u4ee5\u907f\u958b\u700f\u89bd\u5668\u9650\u5236\u548cCA\u8981\u6c42, \u4ed6\u5011\u9084\u6307\u8cacWoSign\u6536\u8cfcStartCom, WoSign\u548cStartCom\u7ba1\u7406\u5c64\u7a4d\u6975\u5617\u8a66\u8aa4\u5c0e\u700f\u89bd\u5668\u793e\u7fa4\u95dc\u65bc\u9019\u5169\u5bb6\u516c\u53f8\u7684\u6536\u8cfc\u548c\u95dc\u4fc2. \u6700\u53ef\u6015\u7684\u662fWoSign\u7684\u8aa4\u767c\u8b49\u66f8.<\/p>\n","protected":false},"author":1,"featured_media":89,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[9],"tags":[32,33,34],"_links":{"self":[{"href":"https:\/\/www.sslcert.com.hk\/blog\/tw\/wp-json\/wp\/v2\/posts\/63"}],"collection":[{"href":"https:\/\/www.sslcert.com.hk\/blog\/tw\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sslcert.com.hk\/blog\/tw\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sslcert.com.hk\/blog\/tw\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sslcert.com.hk\/blog\/tw\/wp-json\/wp\/v2\/comments?post=63"}],"version-history":[{"count":0,"href":"https:\/\/www.sslcert.com.hk\/blog\/tw\/wp-json\/wp\/v2\/posts\/63\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.sslcert.com.hk\/blog\/tw\/wp-json\/wp\/v2\/media\/89"}],"wp:attachment":[{"href":"https:\/\/www.sslcert.com.hk\/blog\/tw\/wp-json\/wp\/v2\/media?parent=63"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sslcert.com.hk\/blog\/tw\/wp-json\/wp\/v2\/categories?post=63"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sslcert.com.hk\/blog\/tw\/wp-json\/wp\/v2\/tags?post=63"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}