[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Microsoft deems all DigiNotar certificates untrustworthy, releases updates
- Subject: Microsoft deems all DigiNotar certificates untrustworthy, releases updates
- From: damian at google.com (Damian Menscher)
- Date: Mon, 12 Sep 2011 10:50:09 -0700
- In-reply-to: <CAHyNd163a5Yc=sCM7a6DamG=Jm1XecnPmcFbnu=OwDxn--b1ag@mail.gmail.com>
- References: <CAAAwwbUqiRnJws_hi=5at4uN-cn+qq7PqsYSeWO_OizQkrVyrA@mail.gmail.com> <CABSP1Ofnjj27TsA=U4zs7-tpU67pbysSVFygD=WYtJwyTXzDWw@mail.gmail.com> <[email protected]> <[email protected]> <CAHyNd163a5Yc=sCM7a6DamG=Jm1XecnPmcFbnu=OwDxn--b1ag@mail.gmail.com>
On Mon, Sep 12, 2011 at 7:09 AM, Martin Millnert <millnert at gmail.com> wrote:
>
> Something similar, including use of purchased (not only limited to
> stolen certs), is ongoing already, all of the time. (I had a fellow
> IRC-chat-friend report from a certain very western-allied middle
> eastern country that there's ISP/state-scale SSL-MITM ongoing there,
> for all https traffic.)
If this were true, don't you think your friend would provide an SSL cert?
Damian
--
Damian Menscher :: Security Reliability Engineer :: Google