Microsoft deems all DigiNotar certificates untrustworthy, releases

• Previous message (by thread): Microsoft deems all DigiNotar certificates untrustworthy, releases
• Next message (by thread): Microsoft deems all DigiNotar certificates untrustworthy, releases
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 14/09/11 13:44, Christopher Morrow wrote:
> On Tue, Sep 13, 2011 at 11:33 PM, Jima <nanog at jima.tk> wrote:
>>  Huh?  I'm a bit lost here, since I had two StartSSL certs issued yesterday
>> afternoon.
> 
> orly? wierd, they made a press release ~last-june (I think?) stating
> they were stopping issuance indefinitely. I do hope they are actually
> issuing again :)
> 
> I like my random numbers to be free.

As claimed by the DigiNotar hacker - He compromised their servers but
Eddy was manually approving certs at the time and so no certs were signed.

There was information about it on the site, but it seems to be gone now.
Articles still show a screenshot of the message you're talking about [1]
, but the site was back alive in July when I needed a certificate.

"A separate notice on another part of the company's site says that its
services would be unavailable until June 20, " [2]

I've certainly been able to issue certificates for myself since then.

[1]
http://news.netcraft.com/archives/2011/06/22/startssl-suspends-services-after-security-breach.html

[2]
http://threatpost.com/en_us/blogs/ca-startssl-compromised-says-certificates-not-affected-062111

• Previous message (by thread): Microsoft deems all DigiNotar certificates untrustworthy, releases
• Next message (by thread): Microsoft deems all DigiNotar certificates untrustworthy, releases
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]