Issue metadata
Sign in to add a comment
|
webmail.es.gov.br and other Brazilian government sites are broken in Chrome 60 |
||||||||||||||||||||
Issue descriptionThe public suffix list added es.gov.br and other similar domains to the ICANN Domains: https://github.com/publicsuffix/list/commit/fdfbb709c13f37a583d57832b61909740d2c8c05 This change was then imported into Chrome in 50f8775aacb3c66f540f692811201a6c77784e34, and then merged to M60 in 6754f383898a6668a68cee6facdb99e38dfe37a6. The consequence of the upstream change to the public suffix list is that existing certificates which used wildcards such as *.es.gov.br are now broken as wildcards on public suffixes are not permitted. Chrome will fail with ERR_CERT_COMMON_NAME_INVALID. For instance: https://webmail.es.gov.br/ The change to the PSL seems incongruent with the existing certificates. |
|||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||
Comment 1 by asymmetric@chromium.org
, Aug 2 2017