By October, Symantec-chained TLS certificates will be rejected by both Firefox and Chrome as the pair of web browsers continue down the path of distrusting Symantec certificates first laid out last year.
Mozilla said in a blog post that when it distrusts Symantec in Firefox 63, slated for release on October 23, the switch will affect 3.5 percent of the top 1 million sites.
Chrome is set to do the same with Chrome 70, set for release around October 16.
Among the sites impacted if the change were to happen now is PayPal, as pointed out by security consultant Liam O, which currently serves up a Symantec certificate that expires on October 31, 2019.
However, Mozilla said that in the move to distrusting Symantec certificates issued before June 2016 in Firefox 60, it saw the number of sites affected collapse from 1 percent in early March to less than 0.15 percent on May 9.
The browser maker also said the number of sites using Symantec-chained certificates has fallen by 20 percent in the past two months.
"As the Firefox 63 release approaches, we expect the same rapid pace of improvement that we observed with the Firefox 60 release," Mozilla said.
"We strongly encourage website operators to replace any remaining Symantec TLS certificates immediately to avoid impacting their users as these certificates become distrusted in Firefox Nightly and Beta over the next few months."
In April, Chrome 66 removed trust for Symantec certificates issued before June 2016.
Google put forward its plan to begin distrusting Symantec-issued TLS certificates in July 2017.
That same month, security researcher Hanno Böck tricked Symantec into incorrectly revoking certificates based on forged private keys.
"Symantec did a major blunder by revoking a certificate based on completely forged evidence," he said. "There's hardly any excuse for this, and it indicates that they operate a certificate authority without a proper understanding of the cryptographic background."
Weeks later, Symantec's website security business was sold to DigiCert for $950 million in cash upfront, and a 30 percent stake in DigiCert.
Symantec kicked off its week with an analyst conference call outlining its view for the fiscal years ahead and how its enterprise business is shifting.
A top Linux security programmer, Matthew Garrett, has discovered Linux in Symantec's Norton Core Router. It appears Symantec has violated the GPL by not releasing its router's source code.
With Australians to soon transfer money in near real-time, banks will need to up their fraud detection capabilities, but Symantec's local CTO has said biometrics isn't the way to do that.
Older TLS and SSL protocols can pose a security risk and will no longer be supported as of June 30.
The latest version of the protocol for HTTPS secure connections gets green light from the IETF.