PKI


Expanding Use of PKI in Variety of Devices Holds Challenges

LAS VEGAS–One of the longest running jokes in the security industry is that each coming year finally will be The Year of PKI. While that one huge year never materialized, the use of PKI and digital certificates has become an integral part of how the Internet works today. But there are some challenges on the horizon […]


Two independent researchers are proposing an extension for TLS to provide greater trust in certificate authorities, which have become a weak link in the entire public key infrastructure after some big breaches involving fraudulent SSL certificates.

Already having revoked trust in the root certificates issued by DigiNotar, Mozilla is taking steps to avoid having to repeat that process with any other certificate authority trusted by Firefox, asking all of the CAs involved in the root program to conduct audits of their PKIs and verify that two-factor authentication and other safeguards are in place to protect against the issuance of rogue certificates.

In the wake of this weekend’s revelations of the seriousness of the attack on certificate authority DigiNotar, security experts have renewed criticism of the Internet’s digital certificate infrastructure, with some wondering if larger certificate authorities (CAs) might be too big to fail.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.