In this episode, we dissect Google’s recent and upcoming decisions to distrust several Certificate Authorities (CAs) within the Chrome Root Store, including Entrust, Chunghwa Telecom, and Netlock. These high-impact moves are rooted in Chrome’s strict enforcement of compliance, transparency, and security standards for public trust.
We explore the role of the Chrome Root Store and Certificate Verifier, the timeline and technical specifics of the CA distrust actions taking effect in November 2024 and August 2025, and the broader implications for enterprises and the Web Public Key Infrastructure (WebPKI). You’ll hear how these changes affect certificate validation, enterprise overrides, and post-quantum cryptographic readiness.
We also examine what these actions signal for the future of digital trust, CA accountability, and browser power dynamics. Tune in to understand how Chrome’s decisions are reshaping the rules of HTTPS trust and what enterprises must do now to stay ahead of disruptions.
