Upcoming Policy Changes to SSL Certificates in Chrome Browser

September 27, 2013 | By Editor 

SSL Certificate in Chrome Browser

With the sole motive to protect consumers and stop malware websites or trojans from attacking private datas, every web browser is now busy updating their policies. Among them, the tool known as SSL Certificates is top priority because it is the one that encrypts every packet of data sent online and protects private information from being leaked. As consumers always deal with certified websites, there are rogue organizations which try to mimic original certs and switch them so that the proposed data ends up with the hacker.

To avoid this, Mozilla is already releasing Firefox 25 and Firefox 26 is under beta stage which will soon become widestream after fixing all identified bugs. In the same lines, earlier Google revoked old encryptions used in certificates and has now implemented multiple policy changes with regards to the Chrome browser.

Websites which have SSL Certificates installed in them, are active and can be properly encrypted using 2048 bit encryption are the ones that Chrome will accept. Companies and certificate authorities behind the issuance of these certificates are also in the process of revoking older certificates.

The new policy changes implemented in Chrome browser include that every banking website and sites which collect private information should strongly adhere to the baseline requirements. Those that are using outdated certificates, self signed certs and ones that are not issued by a publicly verified certificate authority will most probably shown a warning sign whenever users enter the site. This will stop customers from interacting with the website or browsing it or buying products thus having a negative impact on conversion rate.

Such measures implemented by Chrome in terms of SSL Certificates is expected to solve the issue of rogue websites and malware distribution links. Legitimate websites which propose to reach consumers and build a brand should reconsider their strategy. Even though, they are being forced indirectly to move to certificate authority issued certs, in practical usage they are much more secure than individual ones. The verified authorities are part of the CAB forum and are always updated with latest information which allows them to stay ahead of malware attackers as well their sophisticated deployment of trojan strategies. Extended validation certificate will also be improved. EV SSL is the most popular variant which displays a green address bar in the verified website and certificate transparency is now being demanded by Google Chrome to offer best possible protection for its users.


Posted in SSL

Be Sociable, Share!

Leave a Comment


* fields are mandatory