Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Thursday December 07 2017, @03:01PM   Printer-friendly
from the clear-warning-to-other-CAs dept.

StartCom customers received word that the company would close down as a certification authority due to the protective action browser manufacturers took against it, over a year ago. The news of the company closing down had been published November 16th on their website, but went unnoticed until now.

StartCom has played a critical role as a Certification Authority in data security and electronic commerce by providing an independent "trusted third party" guarantee all these years.
Around a year ago the majority of the browser makers decided to distrust StartCom, remove the StartCom root certificates from their root stores and not accept newly end entity certificates issued by StartCom.
Despite the efforts made during this time by StartCom, up to now, there has not been any clear indication from the browsers that StartCom would be able to regain the trust. Therefore, the owners of StartCom have decided to terminate StartCom as a Certification Authority (CA).
From January 1st, 2018, StartCom will not issue any new end entity certificate and will only provide validation services through its OCSP and CRL services for two years from January 1st, 2018. Starting 2020, all remaining valid certificates will be revoked.
StartCom wants to thank all of our customers and partners during these years for their support.

Disclaimer: Early on, SoylentNews used StartCom certs.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Informative) by FatPhil on Thursday December 07 2017, @03:52PM (5 children)

    by FatPhil (863) <reversethis-{if.fdsa} {ta} {tnelyos-cp}> on Thursday December 07 2017, @03:52PM (#606836) Homepage
    What about all those other CA authorities (and therefore thereby signed other certificates) that my browser comes with that oblige me (I can't disable them, they're built in, when I delete them, they reappear) to trust? The tree of transitive (and if you think about it, in some way's it's symmetric too) absolute trust is so utterly fragile I'm aghast that it's still a thing.

    Did we learn nothing from Honest Achmed? (https://bugzilla.mozilla.org/show_bug.cgi?id=647959 still bloody funny all these years later.)
    --
    Life is a precious commodity. A wise investor would get rid of it when it has the highest value.
    Starting Score:    1  point
    Moderation   +2  
       Informative=1, Funny=1, Total=2
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 0) by Anonymous Coward on Thursday December 07 2017, @03:59PM

    by Anonymous Coward on Thursday December 07 2017, @03:59PM (#606839)

    What about those CAs that have fucked up in the past, and still enjoy being built in, like Commodo?
    Makes me wonder how much cash does flow to the browser oligarchs to make amends.

  • (Score: 0) by Anonymous Coward on Thursday December 07 2017, @05:18PM (2 children)

    by Anonymous Coward on Thursday December 07 2017, @05:18PM (#606875)

    What about all those other CA authorities (and therefore thereby signed other certificates) that my browser comes with that oblige me (I can't disable them, they're built in, when I delete them, they reappear) to trust?

    What browser do you use? I'd certainly expect that CAs I disabled remain disabled, but I admittedly never checked.

    • (Score: 2) by FatPhil on Thursday December 07 2017, @09:41PM (1 child)

      by FatPhil (863) <reversethis-{if.fdsa} {ta} {tnelyos-cp}> on Thursday December 07 2017, @09:41PM (#607008) Homepage
      Firefox. Turktrust. Delete. Restart. Fuck.
      --
      Life is a precious commodity. A wise investor would get rid of it when it has the highest value.
      • (Score: 0) by Anonymous Coward on Thursday December 07 2017, @10:29PM

        by Anonymous Coward on Thursday December 07 2017, @10:29PM (#607017)

        Yes, but you didn't read the small print. It said "Delete or distrust, for built-in tokens all trust is removed which is basically the same thing as removal."

        You can verify this with the Edit trust... button.

  • (Score: 2) by takyon on Thursday December 07 2017, @07:46PM

    by takyon (881) Subscriber Badge <reversethis-{gro ... s} {ta} {noykat}> on Thursday December 07 2017, @07:46PM (#606964) Journal

    Check out that buzzkill from 3 years ago.

    --
    [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]