> What is the CA hierarchy "linking back to ANSSI" that chrome is/was trusting? Is the root of that hierarchy still trusted by chrome?
Chrome gets the list of root certificates from the underlying operating system. Since ANSSI is in the Mozilla root set, it is quite widely distributed.
(Although note that it may be listed under ANSSI's old name: DCSSI, or as "IGC/A".)
Chrome gets the list of root certificates from the underlying operating system. Since ANSSI is in the Mozilla root set, it is quite widely distributed.
(Although note that it may be listed under ANSSI's old name: DCSSI, or as "IGC/A".)