In July 2011, Dutch certification authority (CA) DigiNotar experienced a security incident that affected the national security infrastructure of both governmental and non-governmental bodies in the Netherlands. The government commissioned a report looking into the incident and the broader CA/SSL market. One of the conclusions of the Dutch government’s report is that alternatives to PKI are not mature and replacements are nowhere in sight. At Entrust, we definitely agree. We feel strongly that PKI, SSL and the use of the digital certificates are still the most effective methods to implement strong authentication to secure information, applications and devices.
It is, however, now up to the CA community to raise the bar on security and trust to help maintain the integrity and viability of the Internet. As a member of the CA/Browser Forum, Entrust works diligently with fellow CAs, browser developers and stakeholders to make sure the proper steps are taken, on a global scale, to help secure the Internet for the greater good.
Unfortunately, the report is only in Dutch, but Google does a pretty good job translating.