Wednesday, April 6, 2011

Revoke fraudulent Comodo digital certificates

Fraudulent digital certificates were issued by the Comodo Certificate Authority, for sites such as Microsoft Live, googlemail, skype and Mozilla addons. Potentially, visitors to fake sites with these fraudulent certificates could have been deceived into thinking they were the real site. Apparently the fraud was detected before this could happen. The Fraudulent certificates have been revoked, and browsers with certificate revocation checking enabled will identify the certificates as invalid. Some browsers have automatic revocation; in others it has to be enabled. It's also possible (in Firefox at least- I haven't tried it in other browsers) to manually import a revocation list. Details here at nakedsecurity.

1 comment: