Let’s stop fear mongering and non-sense about Comodo Compromise and import the CRL

By mian,on April 3rd,2011%

Blogosphere is abuzz with the fake certificates being issued by the Comodo certificate authority (CA) as if this is the end of the world and those fake certificates can do a lot of harm. The architects of the CA system always took that possibility into account. A certificate can be issued by mistake or fraudulently and the system has the capability to revoke any issued certificate. Every certificate should contain a URL for the Certificate Revocation List (CRL) and all Comodo had to do was to revoke those certificates and update the CRL,which has already been done. Let’s stop the non-sense. The Comodo announcement clearly states that those certs were immediately revoked. All of these certificates were revoked immediately on discovery. Monitoring of OCSP responder traffic has not detected any attempted use of these certificates after their revocation. Please calm down,the CA world is not about to collapse,your gmail and live.com accounts cannot be compromised as long as you are using a modern browser which will actually check for a CRL before trusting the certificate. And those of you who are suggesting to actually delete Comodo CA from the list of trusted CAs should probably find . . . →Read More:Let’s stop fear mongering and non-sense about Comodo Compromise and import the CRL

3 comments   Authentication,SSL

Categories

Archives

A sample text widget

Etiam pulvinar consectetur dolor sed malesuada. Ut convallis euismod dolor nec pretium. Nunc ut tristique massa.

Nam sodales mi vitae dolor ullamcorper et vulputate enim accumsan. Morbi orci magna,tincidunt vitae molestie nec,molestie at mi. Nulla nulla lorem,suscipit in posuere in,interdum non magna.