Linked by Thom Holwerda on Mon 5th Sep 2011 22:26 UTC
Privacy, Security, Encryption
So, people from within Iran have hacked the Dutch company DigiNotar, allowing them to issue fake certificates so they could listen in on Iranian dissidents and other organisations within Iran. This is a very simplified version of the story, since it's all quite complicated and I honestly don't even understand all of it. In any case, DigiNotar detected the intrusion July 19, but didn't really do anything with it until it all blew up in their face this past week. Now, the Dutch government has taken over operational management of DigiNotar... But as a Dutch citizen, that doesn't really fill me with confidence, because, well - whenever the Dutch government does anything even remotely related to IT technology, they mess it up. And mess it up bad.
Thread beginning with comment 488644
Bill Shooter of Bul Member since:
2006-07-14

I and several others I know at large companies have removed them as a trusted CA root. You'll find that the internet is much better at granting initial trust than restoring it to someone found unworthy of that trust.

Reply Score: 2

Lennie Member since:
2007-09-22

That would have been kind of a problem if the CA is used by your government and you want to make use of their services. Most people also have no idea how the system works; they just rely on others getting it right.

Reply Parent Score: 2

Bill Shooter of Bul Member since:
2006-07-14

An SSL cert CA's business is based on trust. Others must trust them to, at a minimum, keep their cert issuing authority out of the hands of bad guys. If they don't, as in the case of DigiNotar, then people like me stop trusting them. Then people who expect things to work find they don't and blame the company they are trying to connect with. Then that company switches CA roots to someone who is trusted. And the system works for everyone again.

Reply Parent Score: 2

Bill Shooter of Bul Member since:
2006-07-14

http://threatpost.com/en_us/blogs/microsoft-revokes-trust-five-digi...

FYI, I'm not the only one who no longer trusts them.

Edited 2011-09-07 20:13 UTC

Reply Parent Score: 2