duplication of serial number in Thawte certificates
Mads Rasmussen
mads at opencs.com.br
Mon Jul 28 07:51:43 EDT 2003
Maybe this is old news, but I saw an article from the Register regarding
problems with duplication of serial numbers at Thawte, which could lead
to problems when verifying certificates.
http://www.securityfocus.com/news/6420
"Digital certificate specialist Thawte has discovered that its systems
have issued certificates with duplicate numbers over the last few
months.
If one of the paired certificates is revoked the other will also be
disavowed. Which is a pain. But essential encryption and security
functions are not affected" ...
The excerpt pretty much sums it up, I guess they will recover revoking
all duplicated and issuing new certs to the parties involved.
Regards,
Mads Rasmussen
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list