Ben Laurie, Google On August 28, 2011, a mis-issued wildcard HTTPS certificate for google.com was used to conduct a man-in-the-middle attack against multiple users in Iran. The certificate had been issued by a Dutch CA (certificate authority) known as DigiNotar, a subsidiary of VASCO Data Security International. Later analysis showed that DigiNotar had been aware of the breach in its systems for more than a month—since at least July 19. It also showed that at least 531 fraudulent certificates had been issued. The final count may never be known, since DigiNotar did not have records of all the mis-issued certificates. On September 20, 2011, DigiNotar was declared bankrupt. The damage caused by this breach was not confined to Iran. When the DigiNotar roots were eventually revoked, two weeks after the initial discovery, they included one used by the Dutch government to provide Internet services. This revocation prevented the Dutch from buying and selling cars, electronically clearing customs, and purchasing electricity on the international market, among many other things. Also, of course, every Web server with a certificate issued by DigiNotar had to scramble to get a new certificate.
展开▼
机译:Google的本·劳里(Ben Laurie),2011年8月28日,使用了google.com发行错误的通配符HTTPS证书对伊朗的多个用户进行了中间人攻击。该证书是由荷兰VASCO Data Security International的子公司DigiNotar颁发的。后来的分析表明,至少从7月19日开始,DigiNotar意识到其系统中的漏洞已超过一个月了。它还表明,至少已颁发了531个欺诈性证书。由于DigiNotar并没有记录所有未正确发行的证书,因此最终的数目可能永远无法得知。 DigiNotar在2011年9月20日宣布破产。这次违反所造成的损害不仅仅限于伊朗。当DigiNotar的根源最终被撤销后,即最初发现的两周后,其中包括荷兰政府用来提供Internet服务的根源。此次撤销使荷兰人无法买卖汽车,电子清关,在国际市场上购买电力等。同样,当然,每个具有DigiNotar颁发的证书的Web服务器都必须争先恐后才能获得新的证书。
展开▼
