Is this the end of the line for DigiNotar?
Posted on 15 September 2011.
DigiNotar is going down quickly and in flames.

After having its SSL and EVSSL certificates deemed untrustworthy by the most popular browsers, around 4200 qualified certificates - i.e. certificates used to create digital signatures - issued by the CA are currently in the process of being revoked and their holders notified of the fact by the Dutch independent post and telecommunication authority (OPTA).

ISC reports that, starting from yesterday, OPTA has terminated the accreditation of DigiNotar as a certificate provider for "qualified" certificates. The revocation of this accreditation also makes DigiNotar unqualified to issue certificates under the PKIoverheid CA.

After having exchanged information with DigiNotar and its auditors, OPTA came to the conclusion that not only has the CA not adhered to the European guidelines and standards governing the issuing of qualified certificates, but has also broken a few local laws.

OPTA's report also finally revealed the auditing firm that missed the rogue Google SSL certificate in July: it's PriceWaterhouseCoopers.

"It’s game over for DigiNotar. Very soon they will officially no longer be a valid entity to issue certificates," commented recently Andrew Storms, Director of Security Operations for nCircle, and it seems that he was right.






Spotlight

How GitHub is redefining software development

Posted on 26 January 2015.  |  The security industry is slowly realizing what the developer community knew for years - collaboration is the key to and likely the future of innovation.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Thu, Jan 29th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //