Security News > 2024 > August > Firefox's Mozilla follows Google in losing trust in Entrust's TLS certificates
Mozilla is following in Google Chrome's footsteps in officially distrusting Entrust as a root certificate authority following what it says was a protracted period of compliance failures.
Entrust has apologized to Google, Mozilla, and the wider web community, outlining its plans to regain the trust of browsers, but these appear to be unsatisfactory to both Google and Mozilla.
"Mozilla previously requested that Entrust provide a detailed report on these recent incidents and their root causes, an evaluation of Entrust's recent actions in light of their previous commitments given in the aftermath of similarly serious incidents in 2020, and a proposal for how Entrust will re-establish Mozilla's and the community's trust," said Wilson.
SSL.com certs bought through Entrust will still read "Entrust" in customers' browsers and customer support will be managed through the company too.
SSL.com will just be the provider, making Entrust a registration authority rather than a CA. However, customers have already pointed out in various online discussions that the premium Entrust is charging on these SSL.com certs is something to behold.
Mozilla will officially stop trusting certificates issued by Entrust after November 30, 2024.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/08/01/mozilla_entrust/
Related news
- Google to Block Entrust Certificates in Chrome Starting November 2024 (source)
- Mozilla Firefox can now secure access to passwords with device credentials (source)
- Google cuts ties with Entrust in Chrome over trust issues (source)
- DigiCert mass-revoking TLS certificates due to domain validation bug (source)