Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
Mozilla

Submission + - Mozilla changes policy to limit risk of subordinate CA certificate abuse (cso.com.au)

angry tapir writes: "Mozilla is taking steps to limit the risk of powerful subordinate Certificate Authority (CA) certificates falling into the hands of attackers and potentially being used to issue rogue certificates for use in SSL snooping attacks. The browser maker updated its CA Certificate Policy with new requirements that will improve accountability for subordinate CA (sub-CA) certificates and will subject them to restrictions and independent audits. Sub-CA certificates inherit the powers of the issuing Certificate Authority (CA) and can be used to issue SSL certificates for any domain names on the Internet that will be accepted by any browser trusting the issuing CA. Until now, this type of powerful certificate has not been strictly regulated and has not been subjected to the same security audits and controls as the root CA certificates that signed them. In some cases CAs do not even publicly disclose the sub-CA certificates they issue."
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Mozilla changes policy to limit risk of subordinate CA certificate abuse

Comments Filter:

"Necessity is the mother of invention" is a silly proverb. "Necessity is the mother of futile dodges" is much nearer the truth. -- Alfred North Whitehead

Working...