Batu69 Posted January 28, 2017 Share Posted January 28, 2017 Google announced yesterday plans to become a self-standing, certified, and independent Root Certificate Authority, meaning the company would be able to issue its own TLS/SSL certificates for securing its web traffic via HTTPS, and not rely on intermediaries, as it does now. In the past years, Google has used certificates issued by several companies, with the latest suppliers being GlobalSign and GeoTrust. Currently, Google is operating a subordinate Certificate Authority (Google Internet Authority G2 - GIAG2), which manages and deploys certificates to Google's infrastructure. Google is currently in the process of migrating all services and products from GIAG2 certificates to the new Root Certificate Authority, named Google Trust Services (GTS). According to the search giant, the migration to GTS will take time, and users will see mixed certificates from both GIAG2 and GTS until then. What this means for regular users is that when they'll click to view a site's HTTPS security certificate, it will say "Google Trust Services" instead of Google Internet Authority, GeoTrust, GlobalSign, or any other term. This will make it easier to identify authentic Google services. For Google, GTS means its engineers will have full control over its HTTPS certificates since the time they're issued to the time they're revoked. Situations, when another Certificate Authority issues SSL certificates for Google domains, will stand out immediately. GTS will provide HTTPS certificates for a broad range of services, such as public websites to API servers, for all Alphabet companies, not just Google. More technical information, such as Google's current active root certificates and their https://pki.goog/SHA1 fingerprints are available on the Google Trust Services homepage. Article source Link to comment Share on other sites More sharing options...
vitorio Posted January 28, 2017 Share Posted January 28, 2017 Been a giant has some advantages!!! You try not to depend on anyone when possible. Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted January 28, 2017 Administrator Share Posted January 28, 2017 Well, I thought this would not be limited to Google services only, but still, it's good thing. Link to comment Share on other sites More sharing options...
straycat19 Posted January 30, 2017 Share Posted January 30, 2017 On 1/28/2017 at 0:00 PM, DKT27 said: Well, I thought this would not be limited to Google services only, but still, it's good thing. I believe that depends on how well they do in protecting their certificates. CAs do not have a very good track record of keeping hackers from getting access to valid certificates for nefarious uses. Having another CA just gives them another source. Sometimes companies tend to get too big. Like when Symantec bought VeriSign and gained a business they had no knowledge of which led to problems with their certificates. Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted January 30, 2017 Administrator Share Posted January 30, 2017 4 minutes ago, straycat19 said: I believe that depends on how well they do in protecting their certificates. CAs do not have a very good track record of keeping hackers from getting access to valid certificates for nefarious uses. Having another CA just gives them another source. Sometimes companies tend to get too big. Like when Symantec bought VeriSign and gained a business they had no knowledge of which led to problems with their certificates. Still, I would rather trust Google to protect themselves from hacks rather than anything else I think. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.