[SSL Observatory] comodo incident report
Steve Schultze
sjs at princeton.edu
Wed Mar 23 17:56:56 PDT 2011
On Mar 23, 2011, at 4:23 PM, Jacob Appelbaum wrote:
> On 03/23/2011 12:18 PM, Hodges, Jeff wrote:
>>
>>
>>> Jacob Appelbaum
>>> Sent: Tuesday, March 22, 2011 10:17 PM
>>>
>>> I wanted to start a thread about this blog post I just finished writing:
>>> https://blog.torproject.org/blog/detecting-certificate-authority-compromises-and-
>>> web-browser-collusion
>>
>> Report of incident on 15-MAR-2011
>> http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html
>>
>
> I've replied to their update here:
> https://blog.torproject.org/blog/detecting-certificate-authority-compromises-and-web-browser-collusion#Update
BTW, PHB has a post here:
http://blogs.comodo.com/it-security/data-security/the-recent-ca-compromise/
Of note:
"An attacker obtained the username and password of a Comodo Trusted Partner in Southern Europe."
and
"A web survey revealed one of the certificates deployed on another IP address assigned to an Iranian ISP."
More information about the Observatory
mailing list