> What is the CA hierarchy "linking back to ANSSI" that chrome is/was trusting? Is the root of that hierarchy still trusted by chrome?
Chrome gets the list of root certificates from the underlying operating system. Since ANSSI is in the Mozilla root set, it is quite widely distributed.
(Although note that it may be listed under ANSSI's old name: DCSSI, or as "IGC/A".)
ANSSI is essentially the French NSA. It's a fair comparison, even though the agency is brand new (they were hiring en masse a couple of years ago) and has a seriously small budget.
I'm amazed that they can run a CA and that nobody find this odd.
http://www.ssi.gouv.fr/fr/anssi/presentation/ "The agency is attached to the secretary general of defence and national security".
What is the CA hierarchy "linking back to ANSSI" that chrome is/was trusting? Is the root of that hierarchy still trusted by chrome?
Edit: following link from seszett's post below, hierarchy is at: http://www.ssi.gouv.fr/fr/anssi/services-securises/igc-a/ and the IGC/A certificate is under PM/SGDN in Chrome's authority store.