Thread: CA hack: more bogus certificates
View Single Post
  #1   (View Single Post)  
Old 1st September 2011
J65nko J65nko is offline
Administrator
  
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,131
Default CA hack: more bogus certificates
From http://h-online.com/-1334651

Quote:
Dutch SSL Certificate Authority (CA) DigiNotar is still keeping a low profile regarding the extent of the recently disclosed intrusion by hackers.

The source code of the Chromium browser project, on which Google Chrome is based, has now provided some evidence of the extent of the compromise: its list of blocked certificates has grown from 10 to 257. A source code comment makes it clear that the newly added certificates were issued by DigiNotar. Whether the blocked certificates affect further popular web sites remains unknown. In addition to the CA's root certificate, the Chromium developers have also blacklisted two intermediate certificates derived from it.
Also see the EFF article at http://www.eff.org/deeplinks/2011/08...against-google
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote