New issue
Advanced search Search tips

Issue 887998 link

Starred by 2 users

Issue metadata

Status: WontFix
Owner: ----
Closed: Sep 21
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 3
Type: Bug



Sign in to add a comment

[User Feedback - Beta] Older Symantec cert is unexpectedly showing as valid in M70

Project Member Reported by craigtumblison@chromium.org, Sep 21

Issue description

Hey all,

We have a community report that a website using a pre-December 2017 cert from Symantec is *not* showing the NET::ERR_CERT_SYMANTEC_LEGACY error in M70, but is showing it in M71.

One our community experts did some initial debugging and confirmed that they think the error should be shown. They also noted that DevTools for this site provides the M70 untrusted warning.

Test Site: https://sus.geacron.com/register/geacron-premium/

Community Thread:
- https://productforums.google.com/forum/#!topic/chrome/cu96AfgO0Yk

We wanted to flag just in case some certs are slipping through in M70 unintentionally..

Thanks!
 
Cc: asymmetric@chromium.org
The reporter is seeing the 'expected' behaviour at present.

This is being deployed via Finch for M70 Beta+ (it's on 100% for M70 Canary/Dev), with some holdback to assess error rates. Mozilla has similarly not yet enabled 100% for their Beta release, despite their blog post and DevTools messaging as well.
Perfect - thanks so much for the confirmation that this is WAI!
Status: WontFix (was: Unconfirmed)

Sign in to add a comment