Let's Encrypt deemed unsafe starting 2018?


#1

I domain management company is telling one of my clients that, starting 2018, Google Chrome will start warning visitors that their Let Encrypt certificate isn’t safe. According to this company my clients need to upgrade to some other cert from i.e. GeoTrust.

Is there any truth to this?

Thanks in advance,
Jan Järfalk


#2

I would consider this as the last screams of a drowning commercial CA business.


#3

Are you able to share exactly what this message stated?

On a personal level, I’m also curious to know who sent it. But it’s likely inappropriate to ask.

That is false.

No.

Trust in older GeoTrust certificates, however, is being phased out. Are you sure you didn’t read the message backwards?


#4

Is he talking about mandatory certificate transparency in Chrome perhaps?


#5

Maybe, but there’s no reason to think Let’s Encrypt or any other CA will fail to make the deadline and issue unusable certificates.


#6

Nope, Let’s Encrypt will continue to be trusted for many years to come. I’m not sure on what basis someone would be making that claim. If you’re willing to share the name of the service provider saying this, I’d be happy to reach out and try to correct the record.


#7

GeoTrust will be detrusted, but Let’s Encrypt will be trusted for years to come.


#8

If DigiCert is still issuing new certificates under the GeoTrust brand, they’re presumably using acceptable roots, so those new certs won’t be distrusted. (Unless the subscriber requests otherwise.)


#9

Hi.

Not sure where you heard this but this is totally untrue. I imagine that the story of Chrome UI distrust has been spun into something else. Here’s what we know…Chrome will be marking NON HTTPS websites as insecure, Chrome is also moving towards a distrust of Symantec certificates.


Best,
GlobalSign Marketing Team


#10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.