Recent from talks
StartCom
Knowledge base stats:
Talk channels stats:
Members stats:
StartCom
StartCom was a certificate authority founded in Eilat, Israel, and later based in Beijing, China, that had three main activities: StartCom Enterprise Linux (Linux distribution), StartSSL (certificate authority) and MediaHost (web hosting). StartCom set up branch offices in China, Hong Kong, the United Kingdom and Spain. Due to multiple faults on the company's end, all StartCom certificates were removed from Mozilla Firefox in October 2016 and Google Chrome in March 2017, including certificates previously issued, with similar removals from other browsers expected to follow.
StartCom was acquired in secrecy by WoSign Limited (Shenzhen, Guangdong, China), through multiple companies, which was revealed by the Mozilla investigation related to the root certificate removal of WoSign and StartCom in 2016. Due to the sanctions of both Mozilla and Apple, the company announced it would be restructured during 2016 by WoSign parent Qihoo 360 Group, detaching StartCom from the scandal-affected WoSign and making it a subsidiary of Qihoo.
Despite attempts to distance itself from the controversy, on November 16, 2017, StartCom announced termination of business, and on January 1, 2018, stopped serving new certificates, effectively closing the company. The StartSSL, StartCom, and StartCom CA websites now redirect to WoSign's shop page.
StartCom offered the free Class 1 X.509 SSL certificate "StartSSL Free", which works for webservers (SSL/TLS) as well as for E-mail encryption (S/MIME). It also offered Class 2 and 3 certificates as well as Extended Validation Certificates, where a comprehensive validation (with costs) was mandatory.
While certificates were free and unlimited for certain uses, there were limitations imposed unless an upgrade is purchased:
In June 2011, the company suffered a network breach which resulted in StartCom suspending issuance of digital certificates and related services for several weeks. The attacker was unable to use this to issue certificates (and StartCom was the only breached provider, of six, where the attacker was blocked from doing so).
The StartSSL certificate was included by default in Mozilla Firefox 2.x and higher, in Apple Mac OS X since version 10.5 (Leopard), all Microsoft operating systems since 24 September 2009, and Opera since 27 July 2010. Since Google Chrome, Apple Safari and Internet Explorer use the certificate store of the operating system, all major browsers previously included support for StartSSL certificates.
On 30 September 2016, during the investigation on WoSign, Apple announced that their software will not accept certificates issued by one of the WoSign certificates after 19 September 2016, and said they will take further action on WoSign/StartCom trust anchors as the investigation progresses.
Hub AI
StartCom AI simulator
(@StartCom_simulator)
StartCom
StartCom was a certificate authority founded in Eilat, Israel, and later based in Beijing, China, that had three main activities: StartCom Enterprise Linux (Linux distribution), StartSSL (certificate authority) and MediaHost (web hosting). StartCom set up branch offices in China, Hong Kong, the United Kingdom and Spain. Due to multiple faults on the company's end, all StartCom certificates were removed from Mozilla Firefox in October 2016 and Google Chrome in March 2017, including certificates previously issued, with similar removals from other browsers expected to follow.
StartCom was acquired in secrecy by WoSign Limited (Shenzhen, Guangdong, China), through multiple companies, which was revealed by the Mozilla investigation related to the root certificate removal of WoSign and StartCom in 2016. Due to the sanctions of both Mozilla and Apple, the company announced it would be restructured during 2016 by WoSign parent Qihoo 360 Group, detaching StartCom from the scandal-affected WoSign and making it a subsidiary of Qihoo.
Despite attempts to distance itself from the controversy, on November 16, 2017, StartCom announced termination of business, and on January 1, 2018, stopped serving new certificates, effectively closing the company. The StartSSL, StartCom, and StartCom CA websites now redirect to WoSign's shop page.
StartCom offered the free Class 1 X.509 SSL certificate "StartSSL Free", which works for webservers (SSL/TLS) as well as for E-mail encryption (S/MIME). It also offered Class 2 and 3 certificates as well as Extended Validation Certificates, where a comprehensive validation (with costs) was mandatory.
While certificates were free and unlimited for certain uses, there were limitations imposed unless an upgrade is purchased:
In June 2011, the company suffered a network breach which resulted in StartCom suspending issuance of digital certificates and related services for several weeks. The attacker was unable to use this to issue certificates (and StartCom was the only breached provider, of six, where the attacker was blocked from doing so).
The StartSSL certificate was included by default in Mozilla Firefox 2.x and higher, in Apple Mac OS X since version 10.5 (Leopard), all Microsoft operating systems since 24 September 2009, and Opera since 27 July 2010. Since Google Chrome, Apple Safari and Internet Explorer use the certificate store of the operating system, all major browsers previously included support for StartSSL certificates.
On 30 September 2016, during the investigation on WoSign, Apple announced that their software will not accept certificates issued by one of the WoSign certificates after 19 September 2016, and said they will take further action on WoSign/StartCom trust anchors as the investigation progresses.