Distrust of Symantec TLS Certificates

From the release notes for Mozilla Firefox Version 64.0: TLS certificates issued by Symantec are no longer trusted by Firefox. Website operators are strongly encouraged to replace any remaining Symantec TLS certificates as soon as possible.


Chromium too.

:-TU :-TU :-TU :P0l

And as is stated by DigiCert, who acquired Symantec’s CA-business,

The distrust dates will apply to all certificates issued from VeriSign roots, including Symantec, Thawte, GeoTrust, and RapidSSL certificates.

Most roots have been replaced by DigiCert’s (RapidSSL used GeoTrust’s root):

Source: W³Techs

Also Encryption Everywhere, which was launched by Symantec 15 March 2016, now uses DigiCert’s root (two roots, actually).