[144550] in North American Network Operators' Group
Re: Microsoft deems all DigiNotar certificates untrustworthy, releases
daemon@ATHENA.MIT.EDU (Ted Cooper)
Tue Sep 13 23:56:52 2011
Date: Wed, 14 Sep 2011 13:55:05 +1000
From: Ted Cooper <ml-nanog090304q@elcsplace.com>
To: nanog@nanog.org
In-Reply-To: <CAL9jLabGYJbYYVT1o+fcLGqOaD3q_i3hQDPqg0jNx7HeAHZupA@mail.gmail.com>
Reply-To: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 14/09/11 13:44, Christopher Morrow wrote:
> On Tue, Sep 13, 2011 at 11:33 PM, Jima <nanog@jima.tk> wrote:
>> Huh? I'm a bit lost here, since I had two StartSSL certs issued yesterday
>> afternoon.
>
> orly? wierd, they made a press release ~last-june (I think?) stating
> they were stopping issuance indefinitely. I do hope they are actually
> issuing again :)
>
> I like my random numbers to be free.
As claimed by the DigiNotar hacker - He compromised their servers but
Eddy was manually approving certs at the time and so no certs were signed.
There was information about it on the site, but it seems to be gone now.
Articles still show a screenshot of the message you're talking about [1]
, but the site was back alive in July when I needed a certificate.
"A separate notice on another part of the company's site says that its
services would be unavailable until June 20, " [2]
I've certainly been able to issue certificates for myself since then.
[1]
http://news.netcraft.com/archives/2011/06/22/startssl-suspends-services-after-security-breach.html
[2]
http://threatpost.com/en_us/blogs/ca-startssl-compromised-says-certificates-not-affected-062111
