The Death of a Certificate Authority
If you didn't already know, DigiNotar was hacked mid-July. (DigiNotar was a certificate authority, which verifies a website is authentic when using https). This had many serious consequences as several of their certificates were stolen and used in the wild. The attack is believed to have originated in Iran, and there are reports of the certificates being used in Iran to man-in-the-middle Google's search engine. This is extremely dangerous, and because of this many browsers have removed DigiNotar from their trusted root CAs, including Chrome, Firefox, and Internet Explorer. Safari user's still remain vulnerable, although it is easy to fix yourself, by removing DigiNotar from your list of trusted CAs. So what does that mean for DigiNotar? Unfortunately, if browsers no longer trust you as a root CA, you are destined to fail and will likely go out of business.
The greatest take away from this entire incident, is the public eye-opener to how much we trust and rely on certificate authorities. This is a serious issue, and has been for quite some time, as pointed out by researcher Dan Kaminsky several years ago. I think everyone should take the time to read this article, where the EFF points out the larger issue: using certificate authorities to verify websites is not a sustainable solution! We can do better, Internet. We need new solutions, such that this issue does not resurface!
The greatest take away from this entire incident, is the public eye-opener to how much we trust and rely on certificate authorities. This is a serious issue, and has been for quite some time, as pointed out by researcher Dan Kaminsky several years ago. I think everyone should take the time to read this article, where the EFF points out the larger issue: using certificate authorities to verify websites is not a sustainable solution! We can do better, Internet. We need new solutions, such that this issue does not resurface!