Google Chrome 釋出 40 版

在「Stable Channel Update」這邊看到 Google Chrome 釋出 40 版,除了修正了一卡車的安全性問題外,其實我是因為發現對於使用 SHA-1 certificate 的 SSL icon 又不一樣才發現的...

Plurk 的 domain 看一下:


以及 Imgur 的 domain:

參考 Gradually Sunsetting SHA-1 這篇文章的說明。

使用 SHA-1 SSL certificate,有效期間在 2016 年的會顯示黃色三角形 icon:

Sites with end-entity certificates that expire between 1 June 2016 to 31 December 2016 (inclusive), and which include a SHA-1-based signature as part of the certificate chain, will be treated as “secure, but with minor errors”.

而有效期超過 2016 年的 SHA-1 SSL certificate 會顯示沒有安全的標記:

Sites with end-entity certificates that expire on or after 1 January 2017, and which include a SHA-1-based signature as part of the certificate chain, will be treated as “neutral, lacking security”.

不過剛剛測了一下,EV SSL 好像不在此限?

Leave a Reply

Your email address will not be published. Required fields are marked *