increase workload? Chrome will have its own dedicated certificate root store - Code World

increase workload? Chrome will have its own dedicated certificate root store

News 2020-11-03 10:34:49 views: null

Google announced plans to run its own certificate root program/storage for Chrome. This move is a major shift in the company's web browser program architecture.

A "root program" or "root store" is a list of root certificates used by operating systems and applications to verify their identity during the installation of software routines. Browsers such as Chrome use root storage to check the validity of the HTTPS connection. They do this by looking at the TLS certificate of the website and checking whether the root certificate used to generate the TLS certificate is included in the local root program/store.

Google plans to create its own root directory storage called Chrome Root Program , which will be provided with all versions of Chrome on all platforms except iOS. The project is still in its initial stages, and there is no timetable for when Chrome will transition from using the operating system root storage to its internal list.

Google manufacturers have issued rules for certification authorities (CAs). Browser manufacturers are urging CAs to read these rules and apply to be added to the new Chrome root program whitelist to ensure that Chrome users can transition seamlessly by then.

As ZDNet said, this method of packaging root storage in the browser without using the underlying operating system is nothing new, and Mozilla's Firefox has been doing this. There are many reasons for Google to do this. The first is that Chrome’s security team can intervene and ban misbehaving CAs more quickly. Second, Google wants to provide a consistent experience and common implementation on all platforms.

However, Google's move does not seem to be very welcome. The IT administrator of a large software company in Iasi, Romania accused that this would bring more work to the system administrator . "We now have another root storage list to manage, a new group policy to set, and a new change log to follow up. We are already very busy."

A Reddit user also said that this is not an improvement, it just makes it more difficult for companies that have their own CA to keep everything in sync.

Guess you like

Origin www.oschina.net/news/119656/chrome-dedicated-certificate-root-store

increase workload? Chrome will have its own dedicated certificate root store

Hbuilder with its own certificate shelves packed ios App AppStore process

loop each element and perform its own action and then store it in list<String>

chrome embeds its own js on the page

Every derived table must have its own alias

Mysql错误：Every derived table must have its own alias

报错-Every derived table must have its own alias

Android App generates a signature certificate, and uniapp generates its own certificate for packaging

Validation certificate, the root certificate

wap2app tips generate its own certificate (Andrews articles)

Microsoft wants Chrome to use its own modern 'Fluent' scrollbar

Meituan is struggling to increase its commissions. Is it hungry to empower small businesses, who can have the last laugh?

【mysql报错】[Err] 1248 - Every derived table must have its own alias

Arrow function does not have its own this, arguments, super or new.target?

Let the self-built website have its own domain name (2)

Is Java breaking its own rules with setter methods that have non-void return types?

【GPT-4】Interview with HuggingFace: OpenAI is nothing to fear, every company will have its own GPT-4

Android application design style should have its own uniqueness and should not completely imitate iOS

Every company can have its own large model, which is wonderful.

It has its own blog

Write its own shell

.net core web project fails exception information: Add the certificate to the root certificate store failed trusted with the following error: Invalid access control list (ACL) structure

The latest ADB toolbox R34 download in 2023 - with its own driver, common ADB commands, brush machine ROOT artifact

Root tree and its application

Have their own rhythm

window7 certificate store

Fiddler mobile phone download certificate prompts No root certificate was found. Have you enabled HTTPS traff solution and there is no network problem after configuring the proxy on the mobile phone

npm uploads its own package and updates its own published package

Using its own floating layout

Two issues of its own records

Recommended

Linus is the most active in "eating dog food"!

Ranking

Share good programmer web front-end array and sorting, de-duplication and random roll call

Compilation error caused by cv_bridge and python version problems error: return-statement with no value, in function returning'void*' [-fpe

魔众帮助中心系统 v3.1.0 首页切换器，界面优化

Die beim Millimeterwellenradar-Integrationstest aufgetretene Grube (Multiprozessbindung an einen UDP-Port verursacht Probleme)

How to suppress the "requires transitive directive for an automatic module" warning properly?

LeetCode-1743. Restore the Array From Adjacent Pairs-Analysis and Code (Java)

Summer 2019 Summer soft essay 7 workers

Python中Assert断言的使用语法和例子

LeetCode one question per day (2021-2-3 sliding window median)

Fairchild, the ancestor of semiconductors, the legend of the first trillion-dollar start-up

Daily

More

2024-05-20(5)

2024-05-19(0)

2024-05-18(31)

2024-05-17(6)

2024-05-16(23)

2024-05-15(5)

2024-05-14(9)

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)