[cryptography] Another CA hacked, it seems.

Ralph Holz holz at net.in.tum.de
Thu Dec 8 12:23:49 EST 2011


Hi,

> Did they successfully hack the CA functionality or just a web site housing
> network design documents for various Dutch government entities?  From what
> survives Google Translate of the original Dutch it appears to be the latter,
> no?

Too early for a definite call. But there is also this report that 1,000
certs have been revoked in the past 2-3 months.

http://translate.google.com/translate?hl=nl&sl=nl&tl=en&u=http%3A%2F%2Fwebwereld.nl%2Fnieuws%2F108829%2Fspoeddebat-over-ingetrokken-kpn-certificaten-.html

Might also be some routine revocation for replaced certs, though;
reasons are not given it seems.

> And if Kerckhoffs's principle was followed, what does it matter if some
> network design docs were leaked?  You would hope they don't contain router
> passwords or such things.

Yes, with respect to the hope part. Although, personally, I wouldn't
dream of running phpmyadmin if I were a CA.

> I'd hesitate calling that a "CA hacked" even if the web site was a web site
> belonging to someone who operates a CA.
> Is there more detail?

Not yet, I think. So let's not call it "hacked", if you want, but just
"seriously embarrassed". And I keep looking over towards the popcorn, tea
& biscuits stand. :-)

Ralph

-- 
Dipl.-Inform. Ralph Holz
I8: Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/
