[conspire] DigiNotar Damage Disclosure
alamozzz at yahoo.com
Thu Sep 8 14:30:25 PDT 2011
> Just updated Firefox to the new build that clears out the DigiNotar
> certs, and was surprised to see some certificates with the common
> names "login.skype.com", "login.yahoo.com" and similar, with the
> organization name "Google Ltd.", org unit "Tech Dept.", issuer org
> "The USERTRUST Network". - ???
>>I'm not entirely sure what you're seeing, but just wanted to clarify
>>that, in Firefox, if you select a CA and say you want to remove it,
>>Firefox doesn't _literally_ remove the CA, but does mark it as untrusted
>>so that it is never believed as long as it's so marked.
I find it odd that login.yahoo.com and login.skype.com have Google Ltd. as their organization names. Not sure what that means.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the conspire