Security

VeriSign replaces RapidSSL certificates

by Steve Ragan - Dec 31 2008, 17:06

Share


Share

Interested in a more interactive TTH? Join our Facebook Group
Want regular updates from The Tech Herald? Follow us on Twitter

Comment on this Story

Note our older Talkback system is still running below. We hope to import existing comments into the new system shortly. Guest posting is still allowed, however, you can now login with any number of social network accounts.

Talkback

Add your comment (no registration required)

page: 1 

NoNameDec 31st, 2008 - 20:09:29

I checked the signature algorithm of some in some of my certificates and found that Equifax seems to be using MD5... can someone else verify?

Report this comment

EideardJan 1st, 2009 - 04:18:05

What a crock. Tempest in a teapot would be too dynamic for this farce.

Verisign has been making the changeover for a while, now. Banking IT folks I talk to say they stopped used people like RapidSSL exactly because they continued with MD5.

Verisign said weeks ago, they'd have the transition completed by January 2009.

Uh, that's tomorrow.

Report this comment

TipJan 3rd, 2009 - 07:52:09

The attack seems to be mitigated...unless it has already been exploited before (by organized crime or whoever)! In this case, there may already well exist a certificate seemingly signed by RapidSSL and having the rights to certify other certificates. As RapidSSL only signs end server certificates, this means that, in order to (almost - there may also be some rogue end server certificates) fully thwart the attack, it is necessary to modify SSL implementations to refuse certificates with CA rights, signed with RapidSSL.
This phase-in phase-out stuff is just Verisign making fun of us... It was at least possible to reserve the use of MD5 for renewal and not new customers! And how come then did Verisign perform the transition in one day, while the phase-out took them already more than one year (since the theoretical vulnerability was known)???

Report this comment

page: 1 

Add your comment (no registration required)

AddThis Social Bookmark Button

Advertising

Advertising

Advertising

Latest

Review: Motorola Droid
Facebook settlement means little in the long run
Naked Windows 7 vulnerable to Malware if left in default state
Adobe patches Shockwave Player
SSL flaw allows man-in-the-middle attacks

Latest Articles on Monsters&Critics

Indonesian maids outnumber Filipinos in Hong Kong for first time
US House passes major health reform (Roundup)
House passes major health reform (1st Lead)
House passes major health reform (Urgent)
Fort Hood offers prayers for victims of mass shooting
Australia urged to repatriate Sri Lankan asylum seekers
Report: Iverson given permission to leave Grizzlies
"We're family" - Texas town rallies after tragedy (News Feature)
Cyprus inaugurates new airport in Larnaca
Real beat luckless Atletico, stay one point behind Barca (Roundup)

Notice: Undefined index: continent in /home/thetechh/public_html/class/class.slot.php on line 173

Notice: Undefined index: continent in /home/thetechh/public_html/class/class.slot.php on line 173

Notice: Undefined index: continent in /home/thetechh/public_html/class/class.slot.php on line 173

Notice: Undefined index: continent in /home/thetechh/public_html/class/class.slot.php on line 173