“Although there is no WoSign root certificate in Apple’s trusted certificate store, a WoSign intermediate CA certificate is cross-signed by two other CAs that Apple trusts: StartCom and Comodo,” Constantin reports. “This means that until now Apple products have automatically trusted certificates issued through the WoSign intermediate CA.”
Constantin reports, “Because WoSign experienced multiple control failures in their certificate issuance processes for the WoSign CA Free SSL Certificate G2 intermediate CA, ‘we are taking action to protect users in an upcoming security update,’ Apple said in support notes for both iOS and macOS. ‘Apple products will no longer trust the WoSign CA Free SSL Certificate G2 intermediate CA.'”
Read more in the full article here.
MacDailyNews Take: At Apple, security is paramount.