3 posts tagged with CertificateAuthority.
Displaying 1 through 3 of 3. Subscribe:

Decentralized SSL Observatory

EFF's HTTPS Everywhere v2 adds support for Chrome and adds Decentralized SSL Observatory to the FireFox version, [more inside]
posted by jeffburdges on Feb 29, 2012 - 20 comments

Comodo Registration Authority compromised

The circumstantial evidence suggests that the attack originated in Iran. Every time you see a little lock icon in your browser and are using HTTPS connections, odds are you're using a site whose certificate was signed by an Certificate Authority like VeriSign, Comodo, or Thawte. This week, SSL certificate provider Comodo announced that one of its accounts had been compromised. The attacker used the account to generate 9 bogus certificates to use for 7 well-known domains. While the breach was discovered and the certificates were revoked, it does raise questions about the chain of trust for all SSL certificates. [more inside]
posted by fifteen schnitzengruben is my limit on Mar 24, 2011 - 49 comments

Stir in poisoned DNS and add a dash of transparent proxying...

The embargo has been lifted on the newest research on growing internet infrastructure insecurity. Using an army of Playstations, researchers have managed to forge a RapidSSL (owned by Verisign) CA certificate in a couple hours due to known flaws in MD5.
posted by These Premises Are Alarmed on Dec 30, 2008 - 33 comments

Page: 1