Google has decided to remove default trust from two certificate authorities, Chunghwa Telecom and Netlock, due to persistent compliance issues and failure to adhere to required standards. This decision, part of Chrome's version 139 rollout set for August 1, 2025, reflects a growing concern regarding the reliability of these CAs. Security experts emphasize the importance of adherence to Baseline Requirements, which enforce strict protocols for the issuance and management of certificates, including timely revocation practices that were not met by both CAs.
Google has announced it has removed default trust of two certificate authorities due to compliance issues and failures to improve upon them.
Both CAs repeatedly went past the Baseline-Requirement revocation deadlines, leaving invalid certificates active beyond the allowed window.
Collection
[
|
...
]