In response to Google's earlier announcement that Taiwan's Chunghwa Telecom and Hungarian certificate authority Netlock failed to comply with the new default trust specifications of the Chrome browser, Chunghwa Telecom's trust in new TLS certificates issued after August 130 will be removed starting from Chrome version 2025. Chunghwa Telecom confirmed in a subsequent statement that it was unable to complete the adjustment within the timeframe required by Google's new regulations, but emphasized that it had completed the relevant adjustments and was in compliance with the new regulations, and expected to regain Chrome browser trust before March 8.
The Ministry of Digital Development of the Republic of China (MODD) stated that it had obtained relevant information in March and made preparations in advance. It also launched a dual-certificate mechanism for government websites in March of this year, using certificates issued by local certificate authorities that meet the public trusted root certificate standard. This ensures that when a specific certificate is removed from the browser's default trust, it can still operate as an alternative certificate, allowing government agency websites to be browsed normally in various browsers, thereby ensuring the stability and credibility of government public services.
At the same time, the Ministry of Digital Economy and Development stated that Chrome's trust policy adjustment is for new certificates issued after August 2025, 8. Therefore, website certificates issued by the Government TLS Certificate Authority (GTLSCA) before this date can still be used normally within the subsequent one-year validity period and will not be directly affected by this Google adjustment.
As for the websites of public agencies that may be affected, the Ministry of Digital Development stated that it will provide technical support and operational guidance to assist agencies in completing system settings and compatibility testing to avoid technological gaps between different agencies that could render public services unusable, cause misunderstandings from the outside world, and impact the government's trust in digital governance.
Google stated on its security blog that under the Chrome Root Certificate Program policy, CA certificate authorities must provide greater security value to Chrome users to prevent them from facing security risks during browsing. Therefore, it believes that CA certificate authorities must play a trusted role and abide by security consensus and compliance requirements. However, records from the past year or several months show that the compliance of the two CA authority units, Chunghwa Telecom and Netlock, have not met the standards, and have not made improvements as promised. The lack of practical and measurable actions in the publicly disclosed incident reports has reduced confidence in their reliability. Therefore, in order to ensure the safety of Chrome users and the integrity of the Chrome root store, new measures have been taken.
After Google's new measures are officially implemented in August, Chrome versions 8 and later on Windows, macOS, ChromeOS, Android, and Linux platforms will no longer be able to access websites using new certificates issued by Chunghwa Telecom and Netlock. However, due to Apple's different usage policy, the iOS version of the Chrome browser will not be affected.
