Certificate Authority Compromises Are Global In Reach

A lot has already been written about the compromises at DigiNotar, GlobalSign and Comodo. One day we will look back at the summer of 2011 as the time when the PKI collapsed. That's not hyperbole. The problems with certificate authorities and the inherent weakness they present have been known for years--a fact we alluded to as far back as 1997. Browsers treat a certificate as trusted as long as the signing CA's certificate is in their local browser store. Browsers do not check that a particular CA is authorized to actually issue a particular server certificate. The trust is universal. That is why the attacks on DigiNotar, GlobalSign and Comodo are so serious and have global impact.
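
The universal-trust behaviour described above, as an added example (not code from the original article): a toy model using textbook RSA with small constructed keys. The CA names `CA-Alpha` and `CA-Beta`, the host name and the per-host `AUTHORIZED` allowlist are assumptions made for illustration.

```python
import hashlib

def make_key(p, q, e=65537):
    """Toy textbook RSA (no padding, Mersenne primes): illustration only."""
    n = p * q
    return {"n": n, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def digest(subject, issuer, n):
    h = hashlib.sha256(f"{subject}|{issuer}".encode()).digest()
    return int.from_bytes(h, "big") % n

def issue(ca_name, key, subject):
    """The CA signs (subject, issuer) with its private exponent."""
    sig = pow(digest(subject, ca_name, key["n"]), key["d"], key["n"])
    return {"subject": subject, "issuer": ca_name, "sig": sig}

def browser_accepts(cert, host, trust_store):
    """Universal trust: any CA in the store may vouch for any host name."""
    pub = trust_store.get(cert["issuer"])
    if pub is None or cert["subject"] != host:
        return False
    n, e = pub
    return pow(cert["sig"], e, n) == digest(cert["subject"], cert["issuer"], n)

def constrained_accepts(cert, host, trust_store, authorized):
    """Same check plus the missing step: is this CA authorized for this host?"""
    return (browser_accepts(cert, host, trust_store)
            and cert["issuer"] in authorized.get(host, set()))

# Constructed sample data: two hypothetical CAs, both in the local trust store.
ALPHA = make_key(2**31 - 1, 2**61 - 1)
BETA = make_key(2**89 - 1, 2**107 - 1)
TRUST_STORE = {"CA-Alpha": (ALPHA["n"], ALPHA["e"]),
               "CA-Beta": (BETA["n"], BETA["e"])}
HOST = "www.example.com"
AUTHORIZED = {HOST: {"CA-Alpha"}}          # the site owner only uses CA-Alpha
LEGIT = issue("CA-Alpha", ALPHA, HOST)     # certificate the owner requested
ROGUE = issue("CA-Beta", BETA, HOST)       # mis-issued by a compromised CA-Beta

if __name__ == "__main__":
    for name, cert in (("legit", LEGIT), ("rogue", ROGUE)):
        print(name, browser_accepts(cert, HOST, TRUST_STORE),
              constrained_accepts(cert, HOST, TRUST_STORE, AUTHORIZED))
```

Both certificates carry valid signatures from a trusted CA, so the universal check cannot tell them apart; only the added issuer-authorization step rejects the mis-issued one.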

By: Mike Fratto

This article was syndicated via RSS from: http://www.networkcomputing.com/security/231601123

Filed in: Cloud Computing & SaaS, Information Technology


© 2012 Knowledge Hub Networks & IT Knowledge Hub LLC. All rights reserved.