Follow Slashdot stories on Twitter


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Submission + - Fake SSL Certificates Issues for Popular Domains ( 2

An anonymous reader writes: Google, Mozilla and now Microsoft are warning of fake certificates apparently issued using a Comodo certificate, which is trusted by all browsers. Sadly this comes just after large sites like Facebook and Twitter enabled users to opt in to SSL by default. The affected host names are,,, , and All popular domains that may now be impersonated using the fake certificates. As the ISC diary puts it: Turing the SSL trust pyramid into a stinking pile of doo
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Fake SSL Certificates Issues for Popular Domains

Comments Filter:
  • An SSL certificate proves: "I have paid exactly ONE person who vouches for me in exchange for money"

    This is pretty crap. Especially for top sites like Facebook, or banking sites. A certificate signed by only ONE authority is supposed to mean something? So that if any ONE authority is compromised, we have a problem? Meanwhile, businesses can't easily set up their own authorities and expect people to be able to use them- I don't know about you, but I don't care if some random entity vouches for www.bankofamer

  • by blair1q ( 305137 ) on Wednesday March 23, 2011 @03:27PM (#35590612) Journal

    The issuer was tricked into issuing the genuine certificates with fake identifications on them.

    The issuer discovered it.

    The issuer put the certificates on the blacklist.

    If your browser knows how to use the blacklist, you're safe.

    How do you know if your browser knows how to use the blacklist or not?

"The pathology is to want control, not that you ever get it, because of course you never do." -- Gregory Bateson