|
|
Пишет LWN.net (![[info]](http://lj.rossia.org/img/syndicated.gif){kind=small} syn_lwnheadline)@ 2013-01-03 19:48:00 |
 |
|
 |
|
|
|
|
|
|
 |
|
 |
Fraudulent certificates in the wild — again
Google reports
that another fraudulent *.google.com digital certificate was
detected by the Chrome browser in late December; this one traces back to
the certificate authority TURKTRUST. "In response, we updated
Chrome’s certificate revocation metadata on December 25 to block that
intermediate CA, and then alerted TURKTRUST and other browser
vendors. TURKTRUST told us that based on our information, they discovered
that in August 2011 they had mistakenly issued two intermediate CA
certificates to organizations that should have instead received regular SSL
certificates." Expect a round of updates from other browser
projects.
Google reports
that another fraudulent *.google.com digital certificate was
detected by the Chrome browser in late December; this one traces back to
the certificate authority TURKTRUST. "In response, we updated
Chrome’s certificate revocation metadata on December 25 to block that
intermediate CA, and then alerted TURKTRUST and other browser
vendors. TURKTRUST told us that based on our information, they discovered
that in August 2011 they had mistakenly issued two intermediate CA
certificates to organizations that should have instead received regular SSL
certificates." Expect a round of updates from other browser
projects.
