[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Microsoft deems all DigiNotar certificates untrustworthy, releases updates

Subject: Microsoft deems all DigiNotar certificates untrustworthy, releases updates
From: damian at google.com (Damian Menscher)
Date: Sun, 11 Sep 2011 16:23:29 -0700
In-reply-to: <CAAAwwbWj+CDFa6sYe+3fVfNtRLzBo8mz819xKRDoy9Sug-XYMw@mail.gmail.com>
References: <[email protected]> <[email protected]> <CAAAwwbUqiRnJws_hi=5at4uN-cn+qq7PqsYSeWO_OizQkrVyrA@mail.gmail.com> <CABSP1Ofnjj27TsA=U4zs7-tpU67pbysSVFygD=WYtJwyTXzDWw@mail.gmail.com> <CAAAwwbWj+CDFa6sYe+3fVfNtRLzBo8mz819xKRDoy9Sug-XYMw@mail.gmail.com>

On Sun, Sep 11, 2011 at 4:02 PM, Jimmy Hess <mysidia at gmail.com> wrote:

> On Sun, Sep 11, 2011 at 1:30 AM, Damian Menscher <damian at google.com>
> wrote:
> > On Fri, Sep 9, 2011 at 11:33 PM, Jimmy Hess <mysidia at gmail.com> wrote:
> > Because of that lost trust, any cross-signed cert would likely be revoked
> by
> > the browsers.  It would also make the browser vendors question whether
> the
>
> I am not engaging in speculation that DigiNotar plans to continue to
> operate, they have already stated so much.
>
> http://www.vasco.com/company/press_room/news_archive/2011/news_diginotar_reports_security_incident.aspx
> "VASCO does not expect that the DigiNotar security incident will have
> a significant impact on the company?s future revenue or business
> plans."
>

I think you are misinterpreting that statement -- I interpret it as meaning
VASCO will continue to exist, and possibly buy another root CA to continue
their business plans.  (They had only recently acquired DigiNotar.)

Damian
-- 
Damian Menscher :: Security Reliability Engineer :: Google

References:
- Microsoft deems all DigiNotar certificates untrustworthy, releases updates
  - From: network.ipdog at gmail.com (Network IP Dog)
- Microsoft deems all DigiNotar certificates untrustworthy, releases updates
  - From: marcus at blazingdot.com (Marcus Reid)
- Microsoft deems all DigiNotar certificates untrustworthy, releases updates
  - From: mysidia at gmail.com (Jimmy Hess)
- Microsoft deems all DigiNotar certificates untrustworthy, releases updates
  - From: damian at google.com (Damian Menscher)
- Microsoft deems all DigiNotar certificates untrustworthy, releases updates
  - From: mysidia at gmail.com (Jimmy Hess)

Prev by Date: Why are we still using the CA model? (Re: Microsoft deems all
Next by Date: Microsoft deems all DigiNotar certificates untrustworthy, releases updates
Previous by thread: Microsoft deems all DigiNotar certificates untrustworthy, releases updates
Next by thread: Microsoft deems all DigiNotar certificates untrustworthy, releases updates
Index(es):
- Date
- Thread