The Latest in IT Security

More updates because of invalidated fraudulent certificates


The Mozilla Foundation issued the Security Advisory 2011-34 in order to completely remove the DigiNotar root certificate from its trusted vendors repository. We are missing any news from Apple which seems to completely ignore the entire issue. We haven’t see and updates of the operating system nor for its Safari browser.

Microsoft issued the Security Advisory 2607712 which permanently revokes five certificates of DigiNotar by moving them to the Untrusted Certificate Store.

These actions performed by Microsoft mean that any certificate ever issued by DigiNotar or signed by any certificate issued by DigiNotar becomes automatically invalid. Even more, when a certificate becomes revoked, means for the operating system that it is more or less blacklisted. In this special case, the browsers will no longer allow the users to ignore the warning, the only choice left is to close the page. This measure has some serious consequences for those who have a valid certificate issued by DigiNotar: from now on, their certificate becomes revoked as well.

Such measures might seem a bit dramatic, but this entire problem has become dramatic after discovering that DigiNotar was used to generate fraudulent certificates for Microsoft, CIA, MI6, Mossad, and others. It will be hard to regain trust again in the certification industry.

Please make sure you update your operating system and browsers.


Sorin Mustaca

Data Security Expert


Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments