This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Why are Wo Sign Certs Still Trusted?

https://www.globalsign.com/en/blog/big-changes-in-the-certificate-authority-industry/

WoSign/StartCom No More

Over a year ago, Google and Mozilla launched an investigation into the certificate issuance practices of WoSign. What it uncovered was a history of bad practices by WoSign and its subsidiary, StartCom. Because both of these CAs were not maintaining expected standards, Google announced this July that it moved to begin distrusting their certificates.

Then, just a few weeks ago on November 17, 2017, it was announced that StartCom was going out of business. Startcom and Wosign certificates have been put on untrusted lists by the big browser firms including Mozilla, Apple, Google and Microsoft.

This thread was automatically locked due to age.

0 BAlfson over 6 years ago

Thanks, dude! That's what the French would call une BA - une bonne action.

I will get a note off to all of my clients to disable those CAs on the 'HTTPS CAs' tab of 'Filtering Options'.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel