nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Microsoft deems all DigiNotar certificates untrustworthy, releases

From: Ted Cooper <ml-nanog090304q () elcsplace com>
Date: Wed, 14 Sep 2011 13:55:05 +1000
On 14/09/11 13:44, Christopher Morrow wrote:

On Tue, Sep 13, 2011 at 11:33 PM, Jima <nanog () jima tk> wrote:

 Huh?  I'm a bit lost here, since I had two StartSSL certs issued yesterday
afternoon.


orly? wierd, they made a press release ~last-june (I think?) stating
they were stopping issuance indefinitely. I do hope they are actually
issuing again :)

I like my random numbers to be free.


As claimed by the DigiNotar hacker - He compromised their servers but
Eddy was manually approving certs at the time and so no certs were signed.

There was information about it on the site, but it seems to be gone now.
Articles still show a screenshot of the message you're talking about [1]
, but the site was back alive in July when I needed a certificate.

"A separate notice on another part of the company's site says that its
services would be unavailable until June 20, " [2]

I've certainly been able to issue certificates for myself since then.

[1]
http://news.netcraft.com/archives/2011/06/22/startssl-suspends-services-after-security-breach.html

[2]
http://threatpost.com/en_us/blogs/ca-startssl-compromised-says-certificates-not-affected-062111
Previous By Date Next
Previous By Thread Next

Current thread: