Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Submission + - India forged Google SSL certificates

NotInHere writes: As Google writes on its Online Security Blog, the National Informatics Centre of India (NIC) used its intermediate CA certificate issued by Indian CCA, to issue several unauthorized certificates for Google domains, allowing to do Man in the middle attacks. Possible impact however is limited, as, according to Google, the root certificates for the CA were only installed on Windows, which Firefox doesn't use, and for the Chrom{e,ium} browser, the CA for important Google domains is pinned to the Google CA.
According to its website, the NIC CA has suspended certificate issuance, and according to Google, its root certificates were revoked by Indian CCA.
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

India forged Google SSL certificates

Comments Filter:

"There is no distinctly American criminal class except Congress." -- Mark Twain

Working...