Linux Today: Linux News On Internet Time.

Recommend Removing RSA Security 1024 V3 root certificate (Mysterious root certificate in Firefox)

Apr 08, 2010, 00:02 (3 Talkback[s])

"> I have not been able to find the current owner of this root. Both RSA > and VeriSign have stated in email that they do not own this root.

"That's rather worrying. Do we know for certain that one or other created it originally? Do we know if it's in any other root stores other than our own?

"The lack of transparency in 2002 re: the source of added roots means we have no idea whether e.g. some malicious actor slipped an extra one into whatever list they were keeping internally to Netscape, and has been MITMing people ever since."

Complete Story

Related Stories: