On 8/09/11 5:34 AM, Fredrik Henbjork wrote:
http://www.globalsign.com/company/press/090611-security-response.html
This whole mess just gets "better and better"...
"As a responsible CA, we have decided to temporarily cease issuance of
all Certificates until the investigation is complete. ....
"GlobalSign has officially announced the appointment of Fox-IT to assist
with investigations into the claimed breach. Fox-IT is the Dutch
cybersecurity experts hired to investigate the compromise of the Dutch
CA DigiNotar and therefore already have a wealth of current knowledge
and experience of the hacker."
Hmmmm.... I'm not sure I'd suspend issuance without some evidence. If
it was me. I might put all issuances under manual control and checking
... but evidence would be highly respected in this case.
iang
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
