security issue: DigiNotar root certificate hacked
D. Hugh Redelmeier
hugh-pmF8o41NoarQT0dZR+AlfA at public.gmane.org
Wed Sep 7 15:48:02 UTC 2011
Much security on the internet is based on a tree of digital certificates.
The roots (note plural) are wired-in to browsers.
The DigiNotar root certificate has been hacked so it should not be
trusted.
Browser updates will revoke the DigiNotar certificate.
If you cannot update your browser, you can revoke DigiNotar's root
certificate by hand. I just did that on my desktop (which is running a
Fedora that is no longer supported).
In Firefox: Edit: Preferences: Advanced: Encryption: View Certificates:
Scan down for DigiNotar.
Click on the triangle next to it to open it up.
Click on the only cert in it.
Click Delete.
I think that will do the job. Better would be a Certificate Revocation
List (CRL) entry, but I don't know how to do that.
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list