[cryptography] [OT] After Digital Certificate Hack, Mozilla Seeks Reassurances

James A. Donald jamesd at echeque.com
Fri Sep 9 00:27:39 EDT 2011


> http://www.pcworld.com/businesscenter/article/239699/after_digital_certificate_hack_mozilla_seeks_reassurances.html
>
> In emails sent out to digital certificate authorities Thursday,
> Mozilla Certificate Authority (CA) Certificates Module owner Kathleen
> Wilson asked CAs such as Symantec and Go Daddy to audit their systems
> for any possible compromise, confirm that nobody can issue a digital
> certificate without two-factor authentication, and shore up practices
> with any third parties that might be able to issue digital
> certificates using the CA's root key.

Thank you for your interest.  We have just audited our systems following 
Sarbannes Oxley rules, using the same big name auditors as audited AIG, 
countrywide, and Washington Mutual, and they report that everything is 
lovely.




More information about the cryptography mailing list