Mozilla has asked all certificate authorities (CAs) to revoke subordinate CA certificates currently used for corporate SSL traffic management, offering an amnesty to any CAs that had breached Mozilla’s conditions for having their root certificates ship with its products. The request comes after Trustwave recently admitted to issuing a sub-CA…
Mozilla asking CAs to revoke SSL-spying certificates
Mozilla plans to ask all certificate authorities to review their subordinate CA certificates and revoke those that could be used by companies to inspect SSL-encrypted traffic for domain names they don’t control. The plan, for which details are still being worked out, is Mozilla’s response to Trustwave’s recent claim that…
Google and Apple fail to revoke DigiNotar SSL certificates on smartphone
Browser makers have generally been quick to react to the computer compromise at digital certificate issuer DigiNotar, but that hasn’t been the case for all mobile phone makers. Neither Google nor Apple would comment on whether they plan to revoke certificates issued by DigiNotar for Android or the iPhone, even…