The Mozilla Foundation issued Security Advisory 2011-34 in order to completely remove the DigiNotar root certificate from its trusted vendors repository. We are missing any news from Apple, which seems to completely ignore the entire issue. We haven’t seen any updates for the operating system or for its Safari browser.
Microsoft issued Security Advisory 2607712, which permanently revokes five DigiNotar certificates by moving them to the Untrusted Certificate Store.
These actions by Microsoft mean that any certificate ever issued by DigiNotar, or signed by any certificate issued by DigiNotar, automatically becomes invalid. Moreover, once a certificate is revoked, the operating system treats it as more or less blacklisted. In this special case, browsers will no longer allow users to ignore the warning; the only choice left is to close the page. This measure has serious consequences for those who hold a valid certificate issued by DigiNotar: from now on, their certificate is revoked as well.
Such measures might seem a bit dramatic, but the entire problem became dramatic after the discovery that DigiNotar was used to generate fraudulent certificates for Microsoft, CIA, MI6, Mossad, and others. It will be hard to regain trust in the certification industry.
Please make sure you update your operating system and browsers.
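One way to verify on a Windows machine that the revocation described above is in place. This is an added example, not part of the original post or of Microsoft's advisory. It assumes certificates can be matched by the name "DigiNotar" in the Subject or Issuer field, since the post does not list the thumbprints of the five revoked certificates; the function name `Find-CertByName` is hypothetical.

```powershell
# Added example: audit the local Windows certificate stores for DigiNotar entries.
# Assumption: matching is done on the name "DigiNotar" in Subject or Issuer,
# because the post does not give the thumbprints of the revoked certificates.
$pattern = 'DigiNotar'

# Stores in which a DigiNotar certificate would still confer trust.
$trustStores = 'Cert:\LocalMachine\Root', 'Cert:\LocalMachine\CA',
               'Cert:\CurrentUser\Root',  'Cert:\CurrentUser\CA'
# The "Untrusted Certificates" store (internal store name: Disallowed).
$blockStores = 'Cert:\LocalMachine\Disallowed', 'Cert:\CurrentUser\Disallowed'

# Hypothetical helper: list certificates in the given stores whose
# Subject or Issuer matches the pattern.
function Find-CertByName {
    param([string[]]$Stores, [string]$Pattern)
    foreach ($store in $Stores) {
        if (-not (Test-Path $store)) { continue }   # store may not exist
        Get-ChildItem -Path $store |
            Where-Object { $_.Subject -match $Pattern -or $_.Issuer -match $Pattern } |
            Select-Object @{n='Store';e={$store}}, Subject, Thumbprint, NotAfter
    }
}

$blocked = @(Find-CertByName -Stores $blockStores -Pattern $pattern)
$trusted = @(Find-CertByName -Stores $trustStores -Pattern $pattern)

# An entry in the Untrusted store overrides trust elsewhere, so only
# certificates that are NOT also blocked are a real finding.
$blockedThumbs = $blocked.Thumbprint
$stillTrusted  = @($trusted | Where-Object { $blockedThumbs -notcontains $_.Thumbprint })

"DigiNotar certificates in the Untrusted store: $($blocked.Count)"
$blocked | Format-Table -AutoSize

if ($blocked.Count -eq 0) {
    Write-Warning 'No DigiNotar entry in the Untrusted store; the update may not be installed.'
}
if ($stillTrusted.Count -gt 0) {
    Write-Warning 'DigiNotar certificates still trusted on this machine:'
    $stillTrusted | Format-Table -AutoSize
} else {
    'No DigiNotar certificate is trusted without a matching Untrusted entry.'
}
```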
Sorin Mustaca
Data Security Expert