Cerrar
InicioCertificadosMicrosoft updates Trusted Root Certificate Program to reinforce trust in the Internet

Microsoft updates Trusted Root Certificate Program to reinforce trust in the Internet

Aquí os dejo una noticia para todos los que habitualmente trabajáis con Certificados Digitalez (y también para los que no), en donde MSFT nos indica que retirará una serie de certificados raíz del almacén local de certificados del equipo:

Certificate Authorities to be removed in January 2016

CA  Root Name  SHA1 Thumbprint
Certigna Certigna B12E13634586A46F1AB2606837582DC4ACFD9497
Ceska Posta PostSignum Root QCA 2 A0F8DB3F0BF417693B282EB74A6AD86DF9D448A3
CyberTrust Japan Certification Services, Inc. SecureSign RootCA1 CABB51672400588E6419F1D40878D0403AA20264
CyberTrust Japan Certification Services, Inc. SecureSign RootCA2 00EA522C8A9C06AA3ECCE0B4FA6CDC21D92E8099
CyberTrust Japan Certification Services, Inc. SecureSign RootCA3 8EB03FC3CF7BB292866268B751223DB5103405CB
DanID DanID 8781C25A96BDC2FB4C65064FF9390B26048A0E01
E-Certchile E-Certchile Root CA C18211328A92B3B23809B9B5E2740A07FB12EB5E
e-Tugra EBG Elektronik Sertifika Hizmet Saglayicisi 8C96BAEBDD2B070748EE303266A0F3986E7CAE58
e-Tugra E-Tugra Certification Authority 51C6E70849066EF392D45CA00D6DA3628FC35239
LuxTrust LuxTrust Global Root CA C93C34EA90D9130C0F03004B98BD8B3570915611
Nova Ljubljanska NLB Nova Ljubljanska Banka d.d. Ljubljana 0456F23D1E9C43AECB0D807F1C0647551A05F456
Post.Trust Post.Trust Root CA C4674DDC6CE2967FF9C92E072EF8E8A7FBD6A131
Secom SECOM Trust Systems Co Ltd. 36B12B49F9819ED74C9EBC380FC6568F5DACB2F7
Secom SECOM Trust Systems CO LTD 5F3B8CF2F810B37D78B4CEEC1919C37334B9C774
Secom SECOM Trust Systems CO LTD FEB8C432DCF9769ACEAE3DD8908FFD288665647D
Serasa Serasa Certificate Authority I A7F8390BA57705096FD36941D42E7198C6D4D9D5
Serasa Serasa Certificate Authority II 31E2C52CE1089BEFFDDADB26DD7C782EBC4037BD
Serasa Serasa Certificate Authority III 9ED18028FB1E8A9701480A7890A59ACD73DFF871
Wells Fargo WellsSecure Public Certificate Authority E7B4F69D61EC9069DB7E90A7401A3CF47D4FE8EE
Wells Fargo WellsSecure Public Root Certification Authority 01 G2 B42C86C957FD39200C45BBE376C08CD0F4D586DB

Si queréis ver los certificados raíz que tenéis en vuestros equipos, podéis hacerlo como indica aquí MFST:

How to determine your digital certificates

If you are unsure of how to determine the root of your digital certificates, I have included some guidance, by browser, below.  For more information on the program itself, visit http://aka.ms/rootcert.

Microsoft Edge

  1. Navigate to a web page that uses your certificate.
  2. Click the Lock icon (in the web address field); the company under “Website Identification” is the company that owns the root.

Internet Explorer

  1. Navigate to a web page that uses your certificate.
  2. Click the Lock icon (in the web address field).
  3. Click View Certificates then Certification Path.
  4. View the certificate name at the top of the Certificate Path.

Chrome

  1. Navigate to a web page that uses your certificate.
  2. Click the Lock icon (in the web address field).
  3. Click Connection then Certificate Information.
  4. Click Certification Path.
  5. View the certificate name at the top of the Certificate Path.

Firefox

  1. Navigate to a web page that uses your certificate.
  2. Click the Lock icon (in the web address field) then click the arrow on the right.
  3. Click More Information then View Certificate.
  4. Click Details.
  5. View the certificate name at the top of the Certificate Path.

Aquí tenéis las razones del porqué se retirarán dicho certificados raíz:

At Microsoft, we are continuously working to deliver on our commitment to the security of our customers and their ecosystems. A core component of our strategy to inform Windows users about the safety of the websites, apps and software they’re accessing online is built into the Microsoft Trusted Root Certificate Program. This program takes root certificates supplied by authorized Certificate Authorities (CAs) around the world and ships them to your device to tell it which programs, apps and websites are trusted by Microsoft.
Our efforts to provide a seamless and secure experience usually take place in the background, but today, we want to tell you about some changes we have made to this program. These crucial modifications will help us better guard against evolving threats affecting websites and the apps ecosystem, but they may impact a small set of customers who have certificates from affected partners.
This past spring, we began engaging with Certificate Authorities (CA) to solicit feedback and talk about upcoming changes to our Trusted Root Certificate Program. Among other things, the changes included more stringent technical and auditing requirements. The final program changes were published in June 2015. Since then, we have been working, directly and through community forums, to help our partners understand and comply with the new program requirements.
Through this effort, we identified a few partners who will no longer participate in the program, either because they have chosen to leave voluntarily or because they will not be in compliance with the new requirements. We’ve published a complete list of Certificate Authorities below that are out of compliance or voluntarily chose to leave the program and will have their roots removed from the Trusted Root CA Store in January 2016. We encourage all owners of digital certificates currently trusted by Microsoft to review the list and take action as necessary.
The certificate-dependent services you manage will be impacted if the certificates you use chain up to a root certificate Microsoft removes from the store. Though the actual screens and text vary depending on which browser a customer is using, here’s what will usually happen:
  • If you use one of these certificates to secure connections to your server over https, when a customer attempts to navigate to your site, that customer will see a message that there is a problem with the security certificate.
  • If you use one of these certificates to sign software, when a customer attempts to install that software on a Windows operating system, Windows will display a warning that the publisher may not be trusted. In either case, the customer may choose to continue.
We strongly encourage all owners of digital certificates currently trusted by Microsoft to review the below list and investigate whether their certificates are associated with any of the roots we will be removing as part of the update. If you use a certificate that was issued by one of these companies, we strongly recommend that you obtain a replacement certificate from another program provider. The list of all providers is located at http://aka.ms/trustcertpartners.
With Windows 10 we will continue to work hard to provide you with safer experiences you expect from Windows, keeping you in control and helping you do great things.
Cómo podemos elegir
Actualización del c

sbuytrago@asirsl.com

NO HAY COMENTARIOS

DEJA UN COMENTARIO

Este sitio web utiliza cookies. Si continúas navegando, consideramos que aceptas su uso. Puedes obtener más información en nuestra política de cookies. ACEPTAR

Aviso de cookies
Share This