The Latest in IT Security

Was DigiNotar’s PKIoverheid CA breached too?

02
Sep
2011

Earlier this week DigiNotar said another audit would be performed and the results of this audit would be made public.

One of the big questions is whether the government CA branch – called DigiNotar PKIoverheid – has also been compromised.

In seeming preparation of these results, the Dutch government has sent out an email to users who’ve been issued a certificate via the DigiNotar PKIoverheid CA. All these companies/services are tied to the government or public services.
Pending the results of this audit the Dutch government is asking PKIoverheid certificate owners to do the following:

– List the PKIoverheid certificates in the organisation.

– List the processes for which these certificates are being used.

– List the consequences in case the PKIoverheid certificates can no longer be trusted.

I think it would be wise at this point for the affected browser makers to start preparing an update which will also blacklist DigiNotar’s PKIoverheid CA. Pending the outcome of the audit, of course.

A lot of Dutch government sites and services are going to be affected by the revocation. Clean up is going to be painful.

The Dutch government has used DigiNotar as an intermediary CA in quite a lot of cases. The Dutch government actually has a root CA of their own. It could be leveraged to quickly produce new certificates for affected services.

I hope it’s truly clear now that the Dutch government needs to distance itself from DigiNotar.

Previous blog entries on this matter:
More on DigiNotar and
The bigger issue with the rogue Google SSL cert

Leave a reply


Categories

THURSDAY, MARCH 28, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments