I wonder how many CAs are going to report back with defects and promises that they will fix?
http://www.pcworld.com/businesscenter/article/239699/after_digital_certificate_hack_mozilla_seeks_reassurances.html In emails sent out to digital certificate authorities Thursday, Mozilla Certificate Authority (CA) Certificates Module owner Kathleen Wilson asked CAs such as Symantec and Go Daddy to audit their systems for any possible compromise, confirm that nobody can issue a digital certificate without two-factor authentication, and shore up practices with any third parties that might be able to issue digital certificates using the CA's root key. Mozilla is giving CAs until Sept. 16 to respond to the email, but the browser maker is not saying what will happen if any of its 54 CAs ignore the request. ... _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
