Diginotar SSL certificate attack

6 Sep 2011
It’s been widely reported in the press that Dutch Certificate Authority (CA) Diginotar was breached by hackers. As a result, 531 digital certificates were fraudulantly issued including for several *.google.com domains.

A good article describing what happened is available here:

http://www.theinquirer.net/inquirer/news/2106065/major-domains-targeted-diginotar-ssl-attack

Mozilla (author of Firefox) has taken the unique step of removing Diginotar’s root CA from it’s trusted list within its broswer; this means that Firefox will no longer trust ANY site that is using a cetificate that was issued Diginotar.

Expect the fallout from this to continue for some time yet….

Barry Hesk

Leave a Reply