Microsoft deems all DigiNotar certificates untrustworthy, releases

Ted Cooper ml-nanog090304q at elcsplace.com
Tue Sep 13 22:55:05 CDT 2011


On 14/09/11 13:44, Christopher Morrow wrote:
> On Tue, Sep 13, 2011 at 11:33 PM, Jima <nanog at jima.tk> wrote:
>>  Huh?  I'm a bit lost here, since I had two StartSSL certs issued yesterday
>> afternoon.
> 
> orly? wierd, they made a press release ~last-june (I think?) stating
> they were stopping issuance indefinitely. I do hope they are actually
> issuing again :)
> 
> I like my random numbers to be free.

As claimed by the DigiNotar hacker - He compromised their servers but
Eddy was manually approving certs at the time and so no certs were signed.

There was information about it on the site, but it seems to be gone now.
Articles still show a screenshot of the message you're talking about [1]
, but the site was back alive in July when I needed a certificate.

"A separate notice on another part of the company's site says that its
services would be unavailable until June 20, " [2]

I've certainly been able to issue certificates for myself since then.

[1]
http://news.netcraft.com/archives/2011/06/22/startssl-suspends-services-after-security-breach.html

[2]
http://threatpost.com/en_us/blogs/ca-startssl-compromised-says-certificates-not-affected-062111







More information about the NANOG mailing list