Google Chrome's official developer blog recently mentioned that Google Chrome has announced in a public forum on May 30, 2025 that it will cancel its default trust in Chunghwa Telecom and Netlock. Officials from the Ministry of Data Development, the competent authority, also said that they had the information at the beginning of the year, and launched the dual certificate mechanism for government websites since March, using certificates issued by Taiwan's local certificate authorities to ensure that government websites can continue to operate securely on all major browsers. What is the impact of this incident? This article takes you to break down.
Google: Chunghwa Telecom has repeatedly shown negligence and is no longer trustworthy.
Google Chrome said that in accordance with the Chrome Root Credential Program Policy (Chrome the Root Program Policy), all (Chrome root Store) included in the Chrome Root Credential Store of certificate authorities (CA) must ensure that the overall value it brings to the end user outweighs the risk posed by continued trust; At the same time, the actions of CAs in disclosing or responding to information security incidents are also one of Chrome's important evaluation indicators. In the event of an omission, Google expects CAs to make specific and verifiable improvements and continuously improve internal processes.
Google stated that over the past year, it has observed "concerning behavior patterns" from Chunghwa Telecom (Chunghwa Telecom) and Netlock, two CA providers, which not only affected their operational integrity but also failed to meet the Chrome Root program's requirements for credibility and transparency. Google pointed out that these situations have undermined external trust in the two providers as "default trusted certificate issuers."
Starting from August, websites using Chunghwa Telecom's TLS service will display a warning.
Google Chrome will no longer trust new TLS certificates issued by Chunghwa Telecom by default starting August 1, 2025. This action will be implemented in Chrome version 139 and later on Windows, macOS, ChromeOS, Android, and Linux. Apple policy prohibits the use of the Chrome Certificate Verifier and the corresponding Chrome root store on the iOS version of Chrome.
If the website uses a certificate issued by Chunghwa Telecom after July 31, 2025, the following content will be displayed:
Google Chrome recommends that affected website operators migrate to another publicly trusted CA owner as soon as possible. If an existing certificate expires after July 31, 2025, you must complete the operation before the existing certificate expires.
Department of Digital Development: At the beginning of the year, we had already grasped the information and started preparations to clarify that Chunghwa Telecom's issues are not related to cybersecurity.
In order to avoid the impact on the websites of government agencies, the dual-certificate mechanism for government websites has been launched in March, using certificates issued by local certificate authorities in Taiwan to ensure that government websites can continue to operate securely on all mainstream browsers and maintain the stability and credibility of public digital services.
According to reports, the official added that Google does not distrust Chunghwa Telecom due to issues with cybersecurity technology or standards, as the transmission layer security protocol (TLS) certificate issued by Chunghwa Telecom is consistent with international standards and poses no security issues. The main problem lies with Chunghwa Telecom's management and operations not being handled properly. Chunghwa Telecom also stated that it will work to regain Google's trust by March next year.
This article Google: Chunghwa Telecom's web certificate has been removed from the trusted list since August, and some websites may fail to load. First appeared in Chain News ABMedia.
The content is for reference only, not a solicitation or offer. No investment, tax, or legal advice provided. See Disclaimer for more risks disclosure.
Google: The Chunghwa Telecom web certificate has been removed from the trusted list since August, and some websites may not be able to load.
Google Chrome's official developer blog recently mentioned that Google Chrome has announced in a public forum on May 30, 2025 that it will cancel its default trust in Chunghwa Telecom and Netlock. Officials from the Ministry of Data Development, the competent authority, also said that they had the information at the beginning of the year, and launched the dual certificate mechanism for government websites since March, using certificates issued by Taiwan's local certificate authorities to ensure that government websites can continue to operate securely on all major browsers. What is the impact of this incident? This article takes you to break down.
Google: Chunghwa Telecom has repeatedly shown negligence and is no longer trustworthy.
Google Chrome said that in accordance with the Chrome Root Credential Program Policy (Chrome the Root Program Policy), all (Chrome root Store) included in the Chrome Root Credential Store of certificate authorities (CA) must ensure that the overall value it brings to the end user outweighs the risk posed by continued trust; At the same time, the actions of CAs in disclosing or responding to information security incidents are also one of Chrome's important evaluation indicators. In the event of an omission, Google expects CAs to make specific and verifiable improvements and continuously improve internal processes.
Google stated that over the past year, it has observed "concerning behavior patterns" from Chunghwa Telecom (Chunghwa Telecom) and Netlock, two CA providers, which not only affected their operational integrity but also failed to meet the Chrome Root program's requirements for credibility and transparency. Google pointed out that these situations have undermined external trust in the two providers as "default trusted certificate issuers."
Starting from August, websites using Chunghwa Telecom's TLS service will display a warning.
Google Chrome will no longer trust new TLS certificates issued by Chunghwa Telecom by default starting August 1, 2025. This action will be implemented in Chrome version 139 and later on Windows, macOS, ChromeOS, Android, and Linux. Apple policy prohibits the use of the Chrome Certificate Verifier and the corresponding Chrome root store on the iOS version of Chrome.
If the website uses a certificate issued by Chunghwa Telecom after July 31, 2025, the following content will be displayed:
Google Chrome recommends that affected website operators migrate to another publicly trusted CA owner as soon as possible. If an existing certificate expires after July 31, 2025, you must complete the operation before the existing certificate expires.
Department of Digital Development: At the beginning of the year, we had already grasped the information and started preparations to clarify that Chunghwa Telecom's issues are not related to cybersecurity.
In order to avoid the impact on the websites of government agencies, the dual-certificate mechanism for government websites has been launched in March, using certificates issued by local certificate authorities in Taiwan to ensure that government websites can continue to operate securely on all mainstream browsers and maintain the stability and credibility of public digital services.
According to reports, the official added that Google does not distrust Chunghwa Telecom due to issues with cybersecurity technology or standards, as the transmission layer security protocol (TLS) certificate issued by Chunghwa Telecom is consistent with international standards and poses no security issues. The main problem lies with Chunghwa Telecom's management and operations not being handled properly. Chunghwa Telecom also stated that it will work to regain Google's trust by March next year.
This article Google: Chunghwa Telecom's web certificate has been removed from the trusted list since August, and some websites may fail to load. First appeared in Chain News ABMedia.