Notice to WoSign customers:

This announcement is for WoSign old roots:

1) CN=CA 沃通根证书, O=WoSign CA Limited, C=CN
2) CN=Certification Authority of WoSign, O=WoSign CA Limited, C=CN
3) CN=Certification Authority of WoSign G2, O=WoSign CA Limited, C=CN
4) CN=CA WoSign ECC Root, O=WoSign CA Limited, C=CN

This distrust action is no any relationship with the current trusted Managed 
Sub CA issued certificates, this distrust action doesn't affect all SSL 
certificates issued by the Managed Sub CA after Nov 21, 2016. WoSign have 
stopped to sell SSL certificate to customers from the above old roots that 
Microsoft plan to distrust since Oct 20, 2016.

敬告沃通用户:

微软宣布的是9月26日后不信任WoSign老根证书签发的证书,并不是指目前WoSign销售的SSL证书。目前销售的SSL证书都是从其他信任CA根证书签发的证书,不受任何影响。


Best Regards,

WoSign CA Limited



-----Original Message-----
From: dev-security-policy 
[mailto:dev-security-policy-bounces+richard=wosign....@lists.mozilla.org] On 
Behalf Of Percy via dev-security-policy
Sent: Wednesday, August 9, 2017 2:03 PM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Microsoft to remove WoSign and StartCom certificates in Windows 10

https://blogs.technet.microsoft.com/mmpc/2017/08/08/microsoft-to-remove-wosign-and-startcom-certificates-in-windows-10/

Microsoft has concluded that the Chinese Certificate Authorities (CAs) WoSign 
and StartCom have failed to maintain the standards required by our Trusted Root 
Program. Observed unacceptable security practices include back-dating SHA-1 
certificates, mis-issuances of certificates, accidental certificate revocation, 
duplicate certificate serial numbers, and multiple CAB Forum Baseline 
Requirements (BR) violations.

Thus, Microsoft will begin the natural deprecation of WoSign and StartCom 
certificates by setting a “NotBefore” date of 26 September 2017. This means all 
existing certificates will continue to function until they self-expire. Windows 
10 will not trust any new certificates from these CAs after September 2017.

Microsoft values the global Certificate Authority community and only makes 
these decisions after careful consideration as to what is best for the security 
of our users.
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to