And they should be dead as soon as possible, if not sooner. Maybe I can interest someone in a cert from Tim's CA - I run it at home on a Win95 machine. Seems good enough to me don't you think?
...Tim From: Andrew S. Baker [mailto:[email protected]] Sent: Tuesday, September 06, 2011 2:10 PM To: NT System Admin Issues Subject: Re: DigiNotar compromise Hi Tim, Perhaps you should say, "former CA" They'll be dead before the paint dries on this investigation. BTW, this is one reason why I never buy it that any particular vendor is likely to be secure or robust or whatever because of the line of business they're in. Just because they're a bank, hospital, security vendor, CA, etc, doesn't mean that they're doing all the right things. DigiNotar had every reason (except short-term profits) to pursue an effective security strategy, but didn't. And now their profits have ended, too... ASB http://XeeMe.com/AndrewBaker Harnessing the Advantages of Technology for the SMB market... On Tue, Sep 6, 2011 at 4:01 PM, Tim Evans <[email protected]<mailto:[email protected]>> wrote: If this is true, I find this absolutely unacceptable that a commercial CA would run a system like this. Incredible http://computer-forensics.sans.org/blog/2011/09/06/diginotar-incident-response-report-no-logging-weak-password-no-protected-network Tim Evans Associate, Information Technology Manager S P A R L I N G (206) 667-0509<tel:%28206%29%20667-0509>-Direct (206) 391-8004<tel:%28206%29%20391-8004>-Mobile www.sparling.com<http://www.sparling.com> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
