[clue] Verisign security incidents.
David L. Anselmi
anselmi at anselmi.us
Sun Feb 5 22:08:36 MST 2012
http://nakedsecurity.sophos.com/2012/02/02/verisign-hacked/
They don't think their DNS network was breached, though I'm not sure what that's used for (compared
to anyone else's DNS--perhaps they run some root name servers). I'd be curious whether any of their
CA private keys were compromised.
In order to be included as a trusted CA in IE, Verisign has to go through an audit. So was this
included in audits at the time, or will it have an impact going forward? It would be interesting if
MS pulled the Verisign certs from IE but I'm sure enough money can be spread around that it will be
business as usual, at least for the rest of us.
Dave
More information about the clue
mailing list