Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
tails
tails
Commits
797e25c6
Commit
797e25c6
authored
Jan 09, 2012
by
Tails developers
Browse files
doc: Mention the DigiNotar debacle
parent
40ecdb3a
Changes
1
Hide whitespace changes
Inline
Side-by-side
wiki/src/doc/about/warning.mdwn
View file @
797e25c6
...
...
@@ -87,7 +87,9 @@ the service.
[[!img ssl_warning.png link=no alt="This Connection is Untrusted"]]
But on top of that the certificate authorities model of trust on Internet is
susceptible to various methods of compromise. For example, in March 15, 2011,
susceptible to various methods of compromise.
For example, on March 15, 2011,
Comodo, one of the major SSL certificates company, reported that a user account
with an affiliate registration authority had been compromised. It was then used
to create a new user account that issued nine certificate signing requests for
...
...
@@ -96,6 +98,14 @@ seven domains: mail.google.com, login.live.com, www.google.com, login.yahoo.com
See [Comodo: The Recent RA
Compromise](http://blogs.comodo.com/it-security/data-security/the-recent-ra-compromise/).
Later in 2011, DigiNotar, a Dutch SSL certificate company, incorrectly issued
certificates to a malicious party or parties. Later on, it came to light that
they were apparently compromised months before or perhaps even in May of 2009 if
not earlier. Rogues certificates were issued for domains such as google.com,
mozilla.org, torproject.org, login.yahoo.com and many more. See, [The Tor
Project: The DigiNotar Debacle, and what you should do about
it](https://blog.torproject.org/blog/diginotar-debacle-and-what-you-should-do-about-it).
**This still leaves open the possibility of a man-in-the-middle attack even when
your browser is trusting an HTTPS connection.**
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment