The impact of DigiNotar, a reminder on how security and trust are ongoing processes and an update on the actions taken by Belgian certificate authority GlobalSign.
As you know, Dutch certificate authority (CA) DigiNotar, recently was attacked (it was reported end of August), resulting in several hundred false website authentication certificates being issued (it’s assumed that over 500 false certificates were created). The attack by the so-called ‘ComodoHacker’, who claims operating alone, forced several online services, such as some Google applications, and several organizations to take measures.
When the hacker claimed he had access to four more certificate authorities (besides DigiNotar) on the pastebin website, Belgian CA GlobalSign temporarily stopped the creation of new certificates. [Read more...]