Friday, March 29, 2024

Mozilla Demands Security Checks from CAs

Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

InfoWorld: In response to the DigiNotar hack which resulted in the issuance of fake Google SSL certificates, the Mozilla Foundation is requiring all certificate authorities (CAs) to complete unprecedented security requirements. Mozilla, which maintains the Firefox Web browser, has given the 600+ CAs eight days to audit their infrastructure, note their dependencies on other CAs, require two-factor authentication, make it more difficult to make changes to high-profile websites, and require their suppliers to do the same. Those that don’t may find themselves “untrusted” by Firefox and Mozilla’s other software.

“Participation in Mozilla’s root program is at our sole discretion, and we will take whatever steps are necessary to keep our users safe,” said Mozilla’s Kathleen Wilson.

The company is already denying access to any sites that use DigiNotar certificates.

Subscribe to Data Insider

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more.

Similar articles

Get the Free Newsletter!

Subscribe to Data Insider for top news, trends & analysis

Latest Articles