Tech Forums & Message Boards. Discuss Newest & Greatest Tech Trends. › Tech Forums & Message Boards. Discuss Newest & Greatest Tech Trends. › General Talk › Chrome 90: We’ll have a root cellar too
MemberSeptember 14, 2021 at 8:35 am
At the beginning of November, Google said it would soon switch from relying on the operating system’s built-in certificate verification to its own implementation for Chrome on all the browser’s supported platforms (minus iOS).
Creating and maintaining its own certificate “root store,” Google said, would “ensure users have a consistent experience across platforms, that developers have a consistent understanding of Chrome’s behavior, and that Chrome will be better able to protect the security and privacy of users’ connections to websites.”
The transition to a Chrome root store could come as soon as version 90, which should launch around March 2.
Chrome wouldn’t be the first to take this tack. Mozilla’s Firefox has long used its own certificate root store, in part because that “gives us the ability to set policies, determine which CAs [certificate authorities] meet them, and to take action when a CA fails to do so.” (Mozilla’s not fooling; it’s invalidated certificates before as punishment for going rogue.)
The change will likely impact enterprise most of all, as some businesses prefer to add their own root certificates to their devices, a task easier to do through the operating system’s root store. Google defended the decision, countering with: “We do not anticipate any changes to be required for how enterprises currently manage their fleet and trusted enterprise CAs.”