Comodo has posted a detailed incident report here: http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html

Several login servers were affected.

-MH

On Mar 24, 2011, at 7:09 AM, John Bradley wrote:

> http://threatpost.com/en_us/blogs/phony-ssl-certificates-issued-google-yahoo-skype-others-032311?utm_source=Threatpost&utm_medium=Tabs&utm_campaign=Today%27s+Most+Popular
>
> The browser vendors blocking those certificates is nice, however there are
> attacks on RP that could be done with those certificates that are still open.
>
> In testing something like 0% of RP check OCSP or CRL, the libs don't force
> openSSL to do those checks (I think DNOA will do them in FICAM mode)
>
> So perhaps encouraging people to perform those checks would be a good idea.
>
> We can only hope that none of the 9 certificates cover openID OP, otherwise
> user accounts at RP could theoretically be compromised.
>
> John B.
>
> _______________________________________________
> security mailing list
> [email protected]
> http://lists.openid.net/mailman/listinfo/openid-security
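The point John raises above (an RP whose TLS library only validates the chain will happily accept a certificate that the CA has since revoked) is easy to reproduce without touching the network. The following Go program is an added example written for this archive page; it is not code from the thread, from Comodo, or from any OpenID library. It builds a throwaway root CA and one server leaf entirely in memory (the hostname `op.example.test` is a made-up stand-in for an OpenID provider), issues a CRL from that CA, and then runs two checks against the leaf: the bare chain validation that a default client library performs, and the same validation followed by a CRL lookup. With the leaf revoked, the first check still passes and only the second rejects it. The CRL-aware check also refuses a CRL whose `NextUpdate` has passed, since stale revocation data is not a safe basis for a trust decision. OCSP, the other mechanism mentioned in the thread, is not shown; in a real RP the CRL would be fetched from the distribution point named in the certificate rather than handed in as a byte slice.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

const leafHost = "op.example.test" // hypothetical OpenID provider hostname, not a real host

// check panics on error: in-memory key and cert generation only fails on a demo bug.
func check(err error) {
	if err != nil {
		panic(err)
	}
}

// newDemoPKI builds constructed, in-memory material: a root CA that also signs CRLs, and one leaf.
func newDemoPKI() (caCert *x509.Certificate, caKey *ecdsa.PrivateKey, leaf *x509.Certificate) {
	now := time.Now()
	caKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	check(err)
	caTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Demo Root CA"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	caDER, err := x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &caKey.PublicKey, caKey)
	check(err)
	caCert, err = x509.ParseCertificate(caDER) // parsed copy carries the generated SubjectKeyId
	check(err)
	leafKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	check(err)
	leafTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(4242), DNSNames: []string{leafHost},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	leafDER, err := x509.CreateCertificate(rand.Reader, leafTmpl, caCert, &leafKey.PublicKey, caKey)
	check(err)
	leaf, err = x509.ParseCertificate(leafDER)
	check(err)
	return caCert, caKey, leaf
}

// issueCRL signs a fresh CRL from the demo CA listing the given serials as revoked.
func issueCRL(caCert *x509.Certificate, caKey *ecdsa.PrivateKey, revoked ...*big.Int) ([]byte, error) {
	now := time.Now()
	tmpl := &x509.RevocationList{Number: big.NewInt(1), ThisUpdate: now.Add(-time.Minute), NextUpdate: now.Add(time.Hour)}
	for _, s := range revoked {
		tmpl.RevokedCertificates = append(tmpl.RevokedCertificates, pkix.RevokedCertificate{SerialNumber: s, RevocationTime: now})
	}
	return x509.CreateRevocationList(rand.Reader, tmpl, caCert, caKey)
}

// verifyWithCRL does the chain check most TLS client libraries stop at, then the step
// the thread says RPs usually skip: the leaf's serial must be absent from a current CRL.
func verifyWithCRL(leaf *x509.Certificate, roots *x509.CertPool, host string, crlDER []byte) error {
	chains, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	if err != nil {
		return fmt.Errorf("chain validation: %w", err)
	}
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil {
		return fmt.Errorf("parse CRL: %w", err)
	}
	// Only a CRL signed by the leaf's own issuer (chains[0][1]: Verify returns leaf, then signer) counts.
	if err := crl.CheckSignatureFrom(chains[0][1]); err != nil {
		return fmt.Errorf("CRL signature: %w", err)
	}
	if time.Now().After(crl.NextUpdate) {
		return fmt.Errorf("CRL expired at %s; refusing stale revocation data", crl.NextUpdate)
	}
	for _, rc := range crl.RevokedCertificates {
		if rc.SerialNumber.Cmp(leaf.SerialNumber) == 0 {
			return fmt.Errorf("certificate serial %s is revoked", leaf.SerialNumber)
		}
	}
	return nil
}

// Run revokes the leaf when revokeLeaf is set and reports whether each check accepts it.
func Run(revokeLeaf bool) (chainOnlyAccepts, withCRLAccepts bool) {
	caCert, caKey, leaf := newDemoPKI()
	roots := x509.NewCertPool()
	roots.AddCert(caCert)
	var revoked []*big.Int
	if revokeLeaf {
		revoked = append(revoked, leaf.SerialNumber)
	}
	crlDER, err := issueCRL(caCert, caKey, revoked...)
	check(err)
	_, chainErr := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: leafHost})
	return chainErr == nil, verifyWithCRL(leaf, roots, leafHost, crlDER) == nil
}

func main() {
	for _, revoke := range []bool{false, true} {
		chainOnly, withCRL := Run(revoke)
		fmt.Printf("leaf revoked=%-5v chain-only accepts=%-5v chain+CRL accepts=%v\n", revoke, chainOnly, withCRL)
	}
}
```

Running it prints one line per scenario; the revoked case shows chain-only validation accepting the leaf while the CRL-aware path rejects it, which is exactly the gap John describes. The signature check on the CRL matters as much as the serial lookup: a revocation list that anyone could have produced is no evidence either way.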
