Mozilla eyes changes 'to keep our users safe'!

Mozilla is reviewing a final draft of its baseline policies to address problems in the way that Internet certificates are issued.


The browser maker wants certificate authorities (CAs) that issue certificates to adopt a standard that's been dubbed "Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates", published by the Certificate and Browser Forum and still in a final draft.

Mozilla consultant Kathleen Wilson said on a Mozilla development forum that CAs will have until May 25 to review the draft.

She said that from June 30, Mozilla software will refuse certificates signed with the troubled MD5 hash algorithm for intermediate and end-entity CAs, and "will take this action earlier and at its sole discretion if necessary to keep our users safe."

In late 2008, security researchers had already exploited weaknesses in the MD5 algorithm to forge fake certificates.

