Skip to main content

Mozilla Asserts for Security Audits Following DigiNotar Certificate Hack

Having witnessed the high profile security breach at DigiNotar- the Dutch agency that issues digital certificates to websites, makers of the Mozilla Firefox browser are asking the security certificate providers to check their internal security systems and report back within a week.

Mozilla Certificate Authority (CA) Certificates Module owner Kathleen Wilson sent emails to various Certificate Authorities asking to audit their systems for any possible loopholes. In her email , Kathleen asked the CAs to ensure that no one can issue a certificate without the standard two-factor authentication procedure.

Mozilla has issued a September 16 deadline to all the CAs to revert back to its queries. However, it did not disclose what actions it will follow if none of them responds to its request.

"Anytime we see a security issue like this that might affect [sic] multiple CAs, you can expect to see us communicating actively and quickly," a Mozilla spokeswoman said Thursday via instant message, PC World (opens in new tab) reports.

It’s noteworthy that DigiNotar took more than a month to inform Mozilla about the security breach it went through. Mozilla, in response had the firm’s root certificate removed from the list of trusted CAs.

Ravi Mandalia

Ravi Mandalla was ITProPortal's Sub Editor (and a contributing writer) for two years from 2011. Based in Ahmedabad, India, Ravi is now the owner and founder of Parity Media Pvt. Ltd., a news and media company, which specializes in online publishing, technology news and analysis, reviews, web site traffic growth, web site UI. Ravi lists his specialist subjects as: Enterprise, IT, Technology, Gadgets, Business, High Net Worth Individuals, Online Publishing, Advertising, Marketing, Social Media, News, Reviews, Audio, Video, and Multi-Media. He has also previously worked as Dy. Manager - IT Security at (n)Code Solutions.