Новая версия браузера Google Chrome запланирована к выходу на 16 октября, и обозреватели предупреждают о проблеме, с которой могут столкнуться его пользователи. Дело в том, что в Google решили отозвать сертификаты безопасности выданные Symantec. Решение принято после того, были выявлены несоответствия инфраструктуры стандартам безопасной выдачи сертификатов у Symantec. Дело в том, что Symantec разрешил множеству компаний выпускать сертификаты, несмотря на явные нарушения безопасности внутри этих организаций. Часть этих сертификатов Google уже отменила в июне 2016 года.

---

Google Chrome

Теперь, с релизом Chrome 70 любые сертификаты, выданные агентствами VeriSign, Thawte, Equifax и другими, окажутся недействительными.

Исследователь Скотт Хельме недавно провёл анализ сайтов, которые попадут под запрет. Оказалось, что в их число входят финансовые учреждения, например, Federal Bank of India, Penn State Federal, правительственные ресурсы Тель-Авива и даже сайт Ferrari.

При этом отмечается, что ограничения могут не затронуть некоторые субдомены, так что доступ может быть ограничен не ко всем сайтам, а лишь к некоторым их разделам.

English:

The next version of Chrome might break a few websites

The next version of Google's Chrome browser, scheduled for release next week, will remove trust for some security certificates issued by Symantec. This has been part of Google 's plans since last year when it was discovered that Symantec's infrastructure for issuing security certificates wasn't compliant with industry standards. It was also known that Symantec gave many organizations the ability to issue certificates despite being aware of security issues within said organizations.

As part of these plans, Google already dropped support for Symantec certificates issued prior to June 1, 2016, with the release of Chrome 66. Now, with Chrome 70, any security certificates issued by the agency's brands - which include VeriSign, Thawte, Equifax, and more - based on the old infrastructure, regardless of date, will no longer work in the browser.

Researcher Scott Helme recently ran a test to see just how many websites weren't compliant with the new rules and found that many popular websites still weren't ready. To do so, he scanned Alexa's list of the most popular million websites out there. Affected agencies include the Federal Bank of India, Penn State Federal, and others. As noted by TechCrunch, some websites which were found to be non-compliant at the time have since addressed that issue, including the likes of Ferrari.

On the other hand, Helme's list doesn't cover sub-domains in the websites scanned, so it's possible that only certain parts of those pages will break. A comment on his article pointed out that Lenovo's support page wasn't ready for the transition, but you'll now find that it's switched to a certificate issued by DigiCert, with a relevant message warning visitors about the change.

Chrome is the most popular web browser on the market, and the fact that it's dropping support for these certificates has naturally prompted companies to make the switch more quickly. It's possible that most users won't feel the effect of the transition, but if you do run into issues, this might be the reason why.

Source: /Источники:
https://www.neowin.net/news/the-next-version-of-chrome-might-break-a-few-websites
https://nvworld.ru/news/chrome-70-to-block-popular-sites/