Security News > 2024 > August > Firefox's Mozilla follows Google in losing trust in Entrust's TLS certificates
Mozilla is following in Google Chrome's footsteps in officially distrusting Entrust as a root certificate authority following what it says was a protracted period of compliance failures.
Entrust has apologized to Google, Mozilla, and the wider web community, outlining its plans to regain the trust of browsers, but these appear to be unsatisfactory to both Google and Mozilla.
"Mozilla previously requested that Entrust provide a detailed report on these recent incidents and their root causes, an evaluation of Entrust's recent actions in light of their previous commitments given in the aftermath of similarly serious incidents in 2020, and a proposal for how Entrust will re-establish Mozilla's and the community's trust," said Wilson.
SSL.com certs bought through Entrust will still read "Entrust" in customers' browsers and customer support will be managed through the company too.
SSL.com will just be the provider, making Entrust a registration authority rather than a CA. However, customers have already pointed out in various online discussions that the premium Entrust is charging on these SSL.com certs is something to behold.
Mozilla will officially stop trusting certificates issued by Entrust after November 30, 2024.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/08/01/mozilla_entrust/
Related news
- Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent (source)
- Mozilla accused of tracking users in Firefox without consent (source)
- Mozilla fixes Firefox zero-day actively exploited in attacks (source)
- Mozilla patches critical Firefox vuln that attackers are already exploiting (source)