Unlike Mozilla, Google anticipated SHA-1 errors caused by HTTPS traffic inspection systems
Earlier this week, Mozilla was forced to backpedal on banning new SHA-1 digital certificates because the move completely cut off some Firefox users from the encrypted Web. It appears that Google saw the problem coming.
Instead of banning all digital certificates signed with SHA-1 and issued after Jan. 1, Google plans to only “untrust” those that originate from public certificate authorities.
This decision takes into account that some companies might still use self-generated SHA-1 certificates internally on their networks, or that some antivirus programs and security devices will continue to generate such certificates when inspecting HTTPS traffic.