Tuesday, 22. July 2003
Thawte issues doppelganger certs warning
Thawte issues doppelganger certs warning By John Leyden Posted: 17/07/2003 at 16:04 GMT
Digital certificate specialist Thawte has discovered that its systems have issued certificates with duplicate numbers over the last few months.
If one of the paired certificates is revoked the other will also be disavowed. Which is a pain. But essential encryption and security functions are not affected.
A technical rep for the South Africa-based security firm assured us that each private key obtained for a certificate is unique regardless of the certificate's serial number. We're thankfully not looking at a repeat of the incident two years ago when Verisign mistakenly issued a pair of digital certificates to scam artists in Microsoft's name .
...
[The Register - Security]
10:42 |
#
disLEXia, a research project by Maximillian Dornseif
 |  |  | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |  |  | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||