Entrust Datacard

Entrust Certificate Services Support Knowledge Base

Last Modified: 2017-04-28 09:37:27.0

Google Chrome 58: Browser Security Changes

Article Number: 70758

User-added image

Here is what's new with Google Chrome 58 browser security as of April 2017:
SSL/TLS certificate Common Name (CN) no longer supported

Google Chrome 58 will no longer support the Common Name field on your SSL/TLS certificates. The Common Name (CN=) field is used to display the domain name for which the certificate is valid and was actually phased-out via RFC almost two decades ago. The fields upon which you can see this information in Google Chrome 58 is the "DN=" or "SANs" fields.

Thus, if you use SSL/TLS certificates that were exclusively using the CN field to indciate the valid domain name, Chrome 58 will no longer support those certificates. Note that this will not affect any certificates issued from Entrust Datacard as as we include CN, DN and SANs fields on all of our certificates for maximum compatibility.

An enterprise policy has been added for those who need Common Name support for a while longer.

Encrypted Media Extensions now require HTTPS

As part of Google's plan to incrementally deprecrate powerful browser features that may unintentionally create insecurities, Chrome 58 restricts certain features to HTTPS only, with the most recent feature being Encrypted Media Extenions (EME). EMEs will require HTTPS in order to display .

Forthcoming update: Notifications will require HTTPS (later this year)

Similar to the change made to EMEs, later this year the Notifications API - which allows websites to send desktop notifications to Chrome - will also require HTTPS in order to send notifications

Homograph Vulnerability Fixed

Homograph attacks exploit characters which are different but look similar by combining a non-Latin alphabet with a Latin top-level-domain. Some domain registrars allow for the registration of domains using special non-ASCII characters. This makes it possible to register a domain that appears as "apple.com"  but was registered a Cyrillic "a" (U+0430) instead of an ASCII "a".

Note that the ability to use non-ASCII characters is used to support the billions of non-native English speakers whose languages use special characters to access the Internet. In order to be able to protect these users (as well as those who could be exposed to a potential homograph attack),Chrome is mitigating this specific type of homograph attack by displaying the domain in its ‘punycode’ form (a method for displaying Unicode with the ASCII character set) when a domain is made entirely of Cyrillic letters and the top-level domain is not an internationalized domain name.

In Chrome 58, the domain would appear as:
User-added image

Please consult this article for further Chrome 58 security updates.

If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance: 

Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET 
North America (toll free): 1-866-267-9297 
Outside North America: 1-613-270-2680 (or see the list below) 
NOTE: It is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call.

CountryNumber
Australia0011 - 800-3687-7863
1-800-767-513
Austria00 - 800-3687-7863
Belgium00 - 800-3687-7863
Denmark00 - 800-3687-7863
Finland990 - 800-3687-7863 (Telecom Finland)
00 - 800-3687-7863 (Finnet)
France00 - 800-3687-7863
Germany00 - 800-3687-7863
Hong Kong001 - 800-3687-7863 (Voice)
002 - 800-3687-7863 (Fax)
Ireland00 - 800-3687-7863
Israel014 - 800-3687-7863
Italy00 - 800-3687-7863
Japan001 - 800-3687-7863 (KDD)
004 - 800-3687-7863 (ITJ)
0061 - 800-3687-7863 (IDC)
Korea001 - 800-3687-7863 (Korea Telecom)
002 - 800-3687-7863 (Dacom)
Malaysia00 - 800-3687-7863
Netherlands00 - 800-3687-7863
New Zealand00 - 800-3687-7863
0800-4413101
Norway00 - 800-3687-7863
Singapore001 - 800-3687-7863
Spain00 - 800-3687-7863
Sweden00 - 800-3687-7863 (Telia)
00 - 800-3687-7863 (Tele2)
Switzerland00 - 800-3687-7863
Taiwan00 - 800-3687-7863
United Kingdom00 - 800-3687-7863
0800 121 6078
+44 (0) 118 953 3088