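I saw in "Stable Channel Update" that Google Chrome 40 has been released. Besides fixing a truckload of security issues, I actually only noticed the release because the SSL icon for sites using a SHA-1 certificate looks different again...
Borrowing Plurk's domain to take a look:
And Imgur's domain:
See the article "Gradually Sunsetting SHA-1" for the explanation.
Sites using a SHA-1 SSL certificate that expires in 2016 are shown with a yellow triangle icon: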
Sites with end-entity certificates that expire between 1 June 2016 to 31 December 2016 (inclusive), and which include a SHA-1-based signature as part of the certificate chain, will be treated as “secure, but with minor errors”.
SHA-1 SSL certificates that are valid beyond 2016 are shown without any security indicator:
Sites with end-entity certificates that expire on or after 1 January 2017, and which include a SHA-1-based signature as part of the certificate chain, will be treated as “neutral, lacking security”.
However, I just tested it, and EV SSL doesn't seem to be subject to this?
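To check a certificate inventory against the two rules quoted above, here is an added example (not from the original post and not Chrome's code) that classifies a chain by the leaf's expiry date and by which certificates carry a SHA-1 signature. The function names, the tuple layout and the sample chains are constructed for illustration, and skipping the trusted root's self-signature is an assumption the post does not state.

```python
from datetime import date

# Boundaries from the two rules quoted from "Gradually Sunsetting SHA-1".
MINOR_FROM, MINOR_TO = date(2016, 6, 1), date(2016, 12, 31)  # inclusive
NEUTRAL_FROM = date(2017, 1, 1)


def uses_sha1(sig_alg):
    """True for SHA-1 signature names as OpenSSL prints them."""
    return "sha1" in sig_alg.lower().replace("-", "")


def chrome40_treatment(leaf_not_after, chain):
    """Return (treatment, certs carrying a SHA-1 signature).

    chain: list of (label, signature_algorithm, is_trusted_root), leaf first.
    Assumption (not stated in the post): the trusted root's self-signature is
    skipped, since clients trust a root by identity, not by its signature.
    """
    offenders = [label for label, alg, is_root in chain
                 if not is_root and uses_sha1(alg)]
    if not offenders:
        return "unaffected", offenders
    if leaf_not_after >= NEUTRAL_FROM:
        return "neutral, lacking security", offenders
    if MINOR_FROM <= leaf_not_after <= MINOR_TO:
        return "secure, but with minor errors", offenders
    # Leaf expires before 1 June 2016: neither quoted rule applies.
    return "not covered by the quoted rules", offenders


# Constructed sample chains; labels and dates are made up for illustration.
SAMPLES = {
    "sha1 leaf, expires 2016-12-31": (date(2016, 12, 31), [
        ("leaf", "sha1WithRSAEncryption", False),
        ("intermediate", "sha256WithRSAEncryption", False),
        ("root", "sha1WithRSAEncryption", True)]),
    "sha256 leaf, sha1 intermediate, expires 2017-01-01": (date(2017, 1, 1), [
        ("leaf", "sha256WithRSAEncryption", False),
        ("intermediate", "sha1WithRSAEncryption", False),
        ("root", "sha1WithRSAEncryption", True)]),
}

if __name__ == "__main__":
    for name, (not_after, chain) in SAMPLES.items():
        treatment, offenders = chrome40_treatment(not_after, chain)
        print(f"{name}: {treatment} (SHA-1 on: {', '.join(offenders)})")
```

The second sample shows why checking only the leaf is not enough: a SHA-256 leaf still falls under the rule when an intermediate in the chain is signed with SHA-1.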