DigiNotar certificate security issue

“We’ve been made aware of a security issue caused by the Netherlands-based CA DigiNotar, who mistakenly issued a valid SSL wildcard certificate for google.com. The existence of this certificate, coupled with the implied lack of proper verification at DigiNotar, means that we consider it inappropriate that our systems continue to trust DigiNotar to issue SSL certificates.”

Coriolis Systems Blog

Apparently there is a rogue Google security certificate being used somewhere out there on the Internet.

This is a major flaw, because the certificate is how your computer knows it is actually talking to Google.com, Gmail or any other site belonging to Google, probably including Google Checkout as well.

The recommendation is to disable any security certificate from DigiNotar, and the post tells you how to do it.

As a warning, although I do believe this is a safe practice and I currently think that you should do it, I’m not completely sure of it. So decide for yourself and do your research beforehand.

The only apparent downside is that you may find some sort of “this website security certificate can’t be trusted” warning on sites other than Google. But if Google’s certificate got hijacked, how safe do you think that website you’re apparently visiting is?


Update: Apparently Microsoft is also recommending removing DigiNotar certificates from your computer, so never mind my initial objections.
