Is this the end of the line for DigiNotar?
Posted on 15 September 2011.
DigiNotar is going down quickly and in flames.

After having its SSL and EVSSL certificates deemed untrustworthy by the most popular browsers, around 4200 qualified certificates - i.e. certificates used to create digital signatures - issued by the CA are currently in the process of being revoked and their holders notified of the fact by the Dutch independent post and telecommunication authority (OPTA).

ISC reports that, starting from yesterday, OPTA has terminated the accreditation of DigiNotar as a certificate provider for "qualified" certificates. The revocation of this accreditation also makes DigiNotar unqualified to issue certificates under the PKIoverheid CA.

After having exchanged information with DigiNotar and its auditors, OPTA came to the conclusion that not only has the CA not adhered to the European guidelines and standards governing the issuing of qualified certificates, but has also broken a few local laws.

OPTA's report also finally revealed the auditing firm that missed the rogue Google SSL certificate in July: it's PriceWaterhouseCoopers.

"Itís game over for DigiNotar. Very soon they will officially no longer be a valid entity to issue certificates," commented recently Andrew Storms, Director of Security Operations for nCircle, and it seems that he was right.






Spotlight

New Zeus variant targets users of 150 banks

Posted on 19 December 2014.  |  A new variant of the infamous Zeus banking and information-stealing Trojan has been created to target the users of over 150 different banks and 20 payment systems in 15 countries, including the UK, the US, Russia, Spain and Japan.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Mon, Dec 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //