Chrome Root Program Enhances Web PKI Security with Mandatory MPIC and Linting
2025-03-31
Google's Chrome team announced that its Root Program is mandating two key security improvements: Multi-Perspective Issuance Corroboration (MPIC) and certificate linting. MPIC mitigates the risk of fraudulently issued certificates due to BGP attacks by verifying domain control from multiple geographic locations, while linting automates the detection of certificate errors, improving security. Both are mandatory for publicly trusted certificates from March 15, 2025, strengthening the web PKI ecosystem's security and stability, and reducing certificate mis-issuance. The Chrome team also plans to sunset weak domain validation methods and actively explore solutions for a post-quantum cryptography world.