[cryptography] *.google.com certificate issued by DigiNotar

coderman coderman at gmail.com
Fri Sep 2 17:00:35 EDT 2011

On Fri, Sep 2, 2011 at 11:50 AM, Marsh Ray <marsh at extendedsubset.com> wrote:
> ...
> What's the difference between a private key in the wild and a pwned CA that,
> even months after a breakin and audit, doesn't revoke or even know what it
> signed?

i should have been more clear; by pwning the HSM i meant to imply the
root or signing intermediary private key lifted. not just malicious
CSRs processed on demand.

the difference being that arbitrary certs could be created for
arbitrary domains effective against all old versions of software/OS
anchored to the compromised CA. lots of re-installs and old versions
floating around out there at any given moment.

(how long would it take a modern system to generate and sign forgeries
of every cert in the ssl observatory?)

More information about the cryptography mailing list