Tag Archives: DigiNotar

Some Comments on Web Security

June 14, 2013 by Bruce Morton

Web security is a topic important to the health and viability of the internet. It is crucial for privacy, integrity and authenticity of sites and users alike.

Public Key Pinning Extension for HTTP

January 21, 2013 by Bruce Morton

In 2011, Google added public key pinning to Chrome. They white-listed the certification authority public keys that could be used to secure Google domains.

SSL News from Black Hat and DEF CON

August 28, 2012 by Bruce Morton

I like to follow up each year with the SSL news from Black Hat USA and DEF CON 20. I was just looking for my 2011 follow-up and found out that I never released it. Unfortunately, I started the write-up just before the DigiNotar fiasco and never finished it. So what SSL presentations occurred [Read More...]

What is TACK?

June 4, 2012 by Bruce Morton

Two researchers have prepared a draft standard for the Internet Engineering Task Force to help extend the trust of SSL certificates. The approach is Trust Assertions for Certificate Keys, or TACK, and was prepared by Trevor Perrin and Moxie Marlinspike. TACK is an SSL extension that enables a Web server to assert the authenticity of [Read More...]

Dutch Government: PKI alternatives, replacements not on horizon

March 29, 2012 by Dave Rockvam

In July 2011, Dutch certification authority (CA) DigiNotar experienced a security incident that affected the national security infrastructure of both governmental and non-governmental bodies in the Netherlands. The government commissioned a report looking into the incident and the broader CA/SSL market. One of the conclusions of the Dutch government’s report is that alternatives to PKI [Read More...]

VASCO/DigiNotar – the Entrust Perspective

September 14, 2011 by Bruce Morton

So what happened? DigiNotar, a publicly trusted Certification Authority based in the Netherlands and a wholly owned subsidiary of VASCO, was compromised in July 2011. This compromise came to light in late August with the discovery of a fraudulent SSL certificate issued to *.google.com. The browser community took immediate steps to disable the DigiNotar root [Read More...]
