Google has recently announced they are considering to downgrade SSL certificates issued by Symantec, see the post from March 23, 2017: https://groups.google.com/a/chromium.org/forum/m/#%21msg/blink-dev/eUAKwjihhBs/rpxMXjZHCQAJ
Symantec answered on March 24, 2017: https://www.symantec.com/connect/blogs/symantec-backs-its-ca
What would this imply for InterSSL customers?
True BusinessID ("Extended Validation"):
The certificates would still be trusted in future versions of Google Chrome, however they would not show the company name in the address bar anymore, just like regular domain validated certificates. Customers that have recently purchased a True BusinessID certificate and are still within the 14-day money-back-guarantee have been contacted by InterSSL, in case they want to switch to another brand.
Affected products are now showing a special tick box during the order process notifying about the potential future changes in Google Chrome.
RapidSSL & QuickSSL Premium:
The "RapidSSL" and "QuickSSL Premium" products will be trusted. However, Google wants to limit the maximum age for certificates to still be trusted. There would be a long grace period. The maximum ages suggested by Google:
- Chrome 59 (Dev, Beta, Stable): 33 months validity (1023 days)
- Chrome 60 (Dev, Beta, Stable): 27 months validity (837 days)
- Chrome 61 (Dev, Beta, Stable): 21 months validity (651 days)
- Chrome 62 (Dev, Beta, Stable): 15 months validity (465 days)
- Chrome 63 (Dev, Beta): 9 months validity (279 days)
- Chrome 63 (Stable): 15 months validity (465 days)
- Chrome 64 (Dev, Beta, Stable): 9 months validity (279 days)
According to Symantec, no actions are currently required. We will follow the discussion and keep you posted.
Friday, March 24, 2017