Linked by HAL2001 on Tue 20th Sep 2011 21:48 UTC
Privacy, Security, Encryption
After having its SSL and EVSSL certificates deemed untrustworthy by the most popular browsers, VASCO announced that DigiNotar filed a voluntary bankruptcy petition and was declared bankrupt today. This is unsurprising, since a report issued by security audit firm Fox-IT, which has been hired to investigate the now notorious DigiNotar breach, revealed that things were far worse than we were led to believe.
No big surprise here.
by Alfman on Tue 20th Sep 2011 23:48 UTC

DigiNotar had to fall.

However, this does nothing to solve the more fundamental problem of third-party trust built into HTTPS/SSL.

With hundreds of CAs today, each and every one of them possesses the technical ability to sign fraudulent certificates which the browsers would validate as genuine. This is a real hurdle for the IT community.


I had a long discussion with Lennie, another poster here on OSNews, about some alternative ideas. I believe his "convergence" video link does an excellent job highlighting the issues and potential solutions.

http://www.osnews.com/thread?488772

Personally, I favor DNS-based solutions which eliminate the underlying need for third-party CAs.

Edited 2011-09-20 23:49 UTC

Reply Score: 3