Furthermore, the exceptions for certificates issued before Oct. 21 are only temporary and are intended to give WoSign and StartCom customers time to transition to other CAs. These exceptions will be reduced in subsequent Chrome versions and the two CAs will eventually be fully untrusted.
"Sites that find themselves on this whitelist will be able to request early removal once they’ve transitioned to new certificates," Whalley said. "Any attempt by WoSign or StartCom to circumvent these controls will result in immediate and complete removal of trust."
Sign up for CIO Asia eNewsletters.