Trustwave admits issuing man-in-the-middle digital certificate, Mozilla debates punishment
Digital Certificate Authority (CA) Trustwave revealed that it has issued a digital certificate that enabled an unnamed private company to spy on SSL-protected connections within its corporate network, an action that prompted the Mozilla community to debate whether the CA's root certificate should be removed from Firefox. Full story »
Related Posts
- Firm points finger at Iran for SSL certificate theft Iran may have been involved in an attack that resulted in hackers' acquiring bogus digital certificates for some of the Web's biggest sites, including Google and Gmail, Microsoft, Skype and Yahoo, a certificate issuing firm said today.
- Mozilla gives CAs a chance to come clean about certificate policy violations Mozilla has asked all certificate authorities (CAs) to revoke subordinate CA certificates currently used for corporate SSL traffic management, offering an amnesty to any CAs that had breached Mozilla's conditions for having their root certificates...
- Certificate hacker probably paid by Iran, say victimized firms The CEO of a certificate-issuing company that was hacked in March is even more certain now that a wave of attacks against similar firms is backed by the Iranian government.
- VeriSign admits multiple hacks in 2010, keeps details under wraps VeriSign, the company responsible for guiding most of the world's Internet users to the correct websites and once the largest encryption certificate issuing authority, has acknowledged that it was successfully hacked several times in 2010.