[cryptography] Diginotar broken arrow as a tour-de-force of PKI fail

lodewijk andré de la porte lodewijkadlp at gmail.com
Tue Sep 6 10:53:36 EDT 2011


The article itself is English (to my suprise, honestly) but if there's
any pheriferal information you'd like to have translation off, I'm
natively Dutch and wouldn't mind helping out.

Practically all Dutch government websites of any significance have a
Diginotar certificate. The government is stalling updates that block
Diginotar in hopes of not destroying consumer trust, although that
trust is misplaced. Under these is the DigiD project, which is
considered an equivalent to having a passport on the internet by the
Dutch government.

I wonder if hilarity will ensue.

Lewis

2011/9/6 Peter Gutmann <pgut001 at cs.auckland.ac.nz>:
> "Kevin W. Wall" <kevin.w.wall at gmail.com> writes:
>
>>I don't read Dutch(?), but seems to have been pulled down. I saw it
>>yesterday. Was hoping to share it w/ some of my colleagues.
>
> It was updated after it was posted.
>
>>Do you have alternate URL?
>
> The current link from the reports page is:
>
> http://www.rijksoverheid.nl/documenten-en-publicaties/rapporten/2011/09/05/diginotar-public-report-version-1.html
>
> If it moves again you can find it with this URL:
>
> http://www.rijksoverheid.nl/documenten-en-publicaties/rapporten/?keyword=diginotar&form-period-from=&form-period-to=&form-department=&form-information-type=rapporten
>
> Peter.
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
>



More information about the cryptography mailing list