[Cryptography] HP accidentally signs malware, will revoke certificate

dan at geer.org dan at geer.org
Fri Oct 10 22:11:57 EDT 2014


[ public case study now in progress ]

HP accidentally signs malware, will revoke certificate

(Ars:) http://arstechnica.com/security/2014/10/hp-accidentally-signed-malwa=
re-will-revoke-certificate/

    Regardless of the cause, the revocation of the affected certificate
    will require HP to re-issue a large number of software packages with a
    new digital signature. While the certificate drop may not affect
    systems with the software already installed, users will be alerted to
    a bad certificate if they attempt to re-install software from original
    media. The full impact of the certificate revocation won't be known
    until after Verisign revokes the certificate on October 21, Wahlin
    said.



More information about the cryptography mailing list