CA hack: more bogus certificates
From http://h-online.com/-1334651
Quote:
Dutch SSL Certificate Authority (CA) DigiNotar is still keeping a low profile regarding the extent of the recently disclosed intrusion by hackers.
The source code of the Chromium browser project, on which Google Chrome is based, has now provided some evidence of the extent of the compromise: its list of blocked certificates has grown from 10 to 257. A source code comment makes it clear that the newly added certificates were issued by DigiNotar. Whether the blocked certificates affect further popular web sites remains unknown. In addition to the CA's root certificate, the Chromium developers have also blacklisted two intermediate certificates derived from it.
|
Also see the EFF article at http://www.eff.org/deeplinks/2011/08...against-google
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|