Security & Fraud

Google, Symantec Battling Over Internet Encryption

Google is picking up its fight with Symantec, saying last week that it is reducing the level and length of trust Chrome will give Symantec-issued certificates.

According to a report in TechCrunch, Google contends Symantec hasn’t been taking its role seriously and has released 30,000 or more certificates in which the security software company didn’t verify the websites received the certificates. The report noted the allegation against Symantec is serious and undermines the trust users place in the encrypted web.

Google also said it’s in the process of distrusting Symantec certificates in Google’s Chrome browser. Symantec called Google’s allegations “irresponsible” and “exaggerated and misleading,” noted the report.

“Since Jan. 19, the Google Chrome team has been investigating a series of failures by Symantec Corporation to properly validate certificates. Over the course of this investigation, the explanations provided by Symantec have revealed a continually increasing scope of misissuance with each set of questions from members of the Google Chrome team; an initial set of reportedly 127 certificates has expanded to include at least 30,000 certificates, issued over a period spanning several years,” Google Software Engineer Ryan Sleevi wrote in a forum post outlining the case against Symantec.

“This is also coupled with a series of failures following the previous set of misissued certificates from Symantec, causing us to no longer have confidence in the certificate issuance policies and practices of Symantec over the past several years,” he wrote.

To fix the situation, the Google executive said Chrome will scale back the length of time its Chrome browser trusts certificates issued by Symantec, and over time websites will have to replace their old Symantec certificates with newer ones that are more trustworthy, noted the report. Sleevi noted Symantec hasn’t met the minimum requirements for issuing certificates and puts Chrome users at risk.

——————————

WATCH LIVE: HOW WE SHOP – TUESDAY, NOVEMBER 10, 2020 – 12:00 PM (ET)

New forms of alternative credit and point-of-sale (POS) lending options like ‘buy now, pay later’ (BNPL) leverage the growing influence of payments choice on customer loyalty. Nearly 60 percent of consumers say such digital options now influence where and how they shop—especially touchless payments and robust, well-crafted ecommerce checkouts—so, merchants have a clear mandate: understand what has changed and adjust accordingly. Join PYMNTS CEO Karen Webster together with PayPal’s Greg Lisiewski, BigCommerce’s Mark Rosales, and Adore Me’s Camille Kress as they spotlight key findings from the new PYMNTS-PayPal study, “How We Shop” and map out faster, better pathways to a stronger recovery.

Click to comment

TRENDING RIGHT NOW