Chrome Root Store policy update looking to require an automated option for obtaining certificates
Chrome Root Store policy update looking to require an automated option for obtaining certificates
TL;DR: Automated certificate issuance and management strengthens the underlying security assurances provided by Transport Layer Security (TL...
Upcoming Policy Changes
One of the major focal points of Version 1.5 requires that applicants seeking inclusion in the Chrome Root Store must support automated certificate issuance and management. [...] It’s important to note that these new requirements do not prohibit Chrome Root Store applicants from supporting “non-automated” methods of certificate issuance and renewal, nor require website operators to only rely on the automated solution(s) for certificate issuance and renewal. The intent behind this policy update is to make automated certificate issuance an option for a CA owner’s customers.
Can somebody ELI5?
Google trough the Chrome Project are pushing certificate authorities to offer automated certificates services to customers to make their use more prolific. Certificate authorities only have value if they are included in the certificate store, so they will do whatever it takes to be in there. Certificate authorities are the organizations we trust to say if a website is secure enough to display the lock in the browser instead of an error.