Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Mozilla

Submission + - Mozilla changes policy to limit risk of subordinate CA certificate abuse->

angry tapir writes: "Mozilla is taking steps to limit the risk of powerful subordinate Certificate Authority (CA) certificates falling into the hands of attackers and potentially being used to issue rogue certificates for use in SSL snooping attacks. The browser maker updated its CA Certificate Policy with new requirements that will improve accountability for subordinate CA (sub-CA) certificates and will subject them to restrictions and independent audits. Sub-CA certificates inherit the powers of the issuing Certificate Authority (CA) and can be used to issue SSL certificates for any domain names on the Internet that will be accepted by any browser trusting the issuing CA. Until now, this type of powerful certificate has not been strictly regulated and has not been subjected to the same security audits and controls as the root CA certificates that signed them. In some cases CAs do not even publicly disclose the sub-CA certificates they issue."
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Mozilla changes policy to limit risk of subordinate CA certificate abuse

Comments Filter:

"'Tis true, 'tis pity, and pity 'tis 'tis true." -- Poloniouius, in Willie the Shake's _Hamlet, Prince of Darkness_

Working...