Jump to content
Facebook Twitter Youtube

[Software] Google Chrome has stolen an important security feature from its rival


AL_MAOT
 Share

Recommended Posts

Google will follow in Mozilla's footsteps by adding its own root store to Chrome

 

s6xtB2NZrPAWyFNA3ozjCh-1024-80.jpg.webp

 

Google is planning to follow in Mozilla's footsteps as the search giant has announced plans to run its own certificate root program/store for its Chrome browser.

While operating systems and applications use a “root program” or “root store” to verify the identity of software during installation, Chrome and other web browsers use root stores to ensure that HTTPS connections are valid. They do this by examining a website's TLS certificate to determine whether the root certificate used to generate it is included in a local root program/store.

Unlike Mozilla Firefox which includes its own root store, Chrome has been configured since its launch in 2009 to use the root store of the operating system it is currently running on. So on Windows machines Chrome checks a site's TLS certificate against the Microsoft Trusted Root Program and on macOS devices the browser does so using the Apple Root Certificate program.

 

We've put together a list of the best anonymous browsers around
These are the best Windows 10 VPNs for your PC
Also check out our roundup of the best proxy service providers


In the future though, Google's web browser will use its own root store to determine whether HTTPS connections are valid.

 

Chrome Root Program


In a new post on the The Chromium Project's webpage, Google has revealed its plans to create its own root store called the Chrome Root Program. The new root store will eventually ship with all versions of Chrome though it won't be coming to Chrome for iOS.

At this time, the program appears to be in its early stages and Google has not yet provided a timeline for when the Chrome Root Program will go live. However, the company has published rules for Certificate Authorities (CAs), which issue TLS certificates for websites, so that they can be ready when the time comes. Google provided more guidance for CAs in its post announcing the Chrome Root Program, saying:

“As this transition occurs, CAs should continue to work with the relevant vendors of operating systems where Chrome is supported to additionally request inclusion within their root certificate programs as appropriate. This will help minimize any disruption or incompatibilities for end users, by ensuring that Chrome is able to validate certificates from the CA regardless of whether it is using the Chrome Root Store or existing platform integrations.”

By introducing its own root store, Google will be able to provide a more consistent experience and common implementation across all of the platforms its browser supports. Chrome's security team will also be able to step in and ban CAs that aren't following the rules more quickly. 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

WHO WE ARE?

CsBlackDevil Community [www.csblackdevil.com], a virtual world from May 1, 2012, which continues to grow in the gaming world. CSBD has over 70k members in continuous expansion, coming from different parts of the world.

 

 

Important Links