Actually.. I am more concerned with Verisign being part of this. "In the near future, Google Chrome and Mozilla Firefox will begin distrusting SSL certificates from Symantec, GeoTrust, Thawte, VeriSign, Equifax, and RapidSSL."
There are a lot of shops that trust VeriSign for server certs that are being trusted for mainframe related transactions. If the certs are issued improperly, it brings up a man in the middle attack that most would not be looking for because they "trust" VeriSign!. I am sure that there are other attacks that may be possible. This is quite disturbing. Personally, I would never trust Equifax.. they have proved themselves untrustworthy with the multiple security debacles this past year or so. But I had come to trust the others. Guess I should take a line from Dragnet "Just the facts ma'am" Rob Schramm On Sun, Sep 9, 2018 at 11:45 AM scott Ford <[email protected]> wrote: > Exactly > > On Sun, Sep 9, 2018 at 11:13 AM Paul Gilmartin < > [email protected]> wrote: > > > On Sun, 9 Sep 2018 10:39:59 -0400, Rob Schramm wrote: > > > > >Seems relevant .. the whole purpose in using a CA is trust. > > > > > > > > > https://www.templarbit.com/blog/2018/09/07/the-story-of-why-chrome-and-firefox-will-soon-block-sites-with-certain-ssl-certificates/ > > > > > The accused is Symantec and its subsidiaries. > > > > What's the current reputation of Symantec Antivirus? > > > > -- gil > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to [email protected] with the message: INFO IBM-MAIN > > > -- > Scott Ford > IDMWORKS > z/OS Development > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > -- Rob Schramm ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
