[SSL Observatory] F-Secure reports malware signed by valid cert, Gov. of Malaysia.

[Adam Langley]

On Tue, Nov 15, 2011 at 9:20 AM, Ondrej Mikle <ondrej.mikle at nic.cz> wrote:
> Probably not. I don't have the exact cert in question, but all the other
> seen certs issued to *.gov.my by Digicert Sdn have 1024 or 2048-bit moduli.

I don't have this exact certificate, but here's a 512-bit certificate
issued to gov.my by DigiCert Sdn Bhd, so it certainly happened.

-----BEGIN CERTIFICATE-----
MIIDCTCCAfGgAwIBAgIDP7O7MA0GCSqGSIb3DQEBBQUAMGUxCzAJBgNVBAYTAk1Z
MRswGQYDVQQKExJEaWdpY2VydCBTZG4uIEJoZC4xETAPBgNVBAsTCDQ1NzYwOC1L
MSYwJAYDVQQDEx1EaWdpc2lnbiBTZXJ2ZXIgSUQgLSAoRW5yaWNoKTAeFw0xMTAz
MTAwNTUyMjhaFw0xMjAzMTAwNTUyMjhaMHIxDjAMBgNVBAoTBUxPRlNBMQwwCgYD
VQQLEwNST0MxHDAaBgNVBAMTE3d3dzEubXlsb2ZzYS5nb3YubXkxIzAhBgNVBAcT
GldpbGF5YWggUGVyc2VrdXR1YW4gTGFidWFuMQ8wDQYDVQQIEwZMYWJ1YW4wXDAN
BgkqhkiG9w0BAQEFAANLADBIAkEAtSZbxCsTKpD3MK8wa633xJC+By8hUIH5qwlU
JeR4xl8hfXaalQ9QyG8Nj2duNHLbYXiyOuMdHqZyg4jW50KSjQIDAQABo30wezAR
BgNVHQ4ECgQIT0JSQIqk4yEwRAYDVR0gBD0wOzA5BgVgg0oBATAwMC4GCCsGAQUF
BwIBFiJodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS5teS9jcHMuaHRtMBMGA1UdIwQM
MAqACExOzCUoAymBMAsGA1UdDwQEAwIE8DANBgkqhkiG9w0BAQUFAAOCAQEAb9XE
XJb2kryHCRSojCj1vbnwQHJDN3y9nx09L4Io4XlDQtWbg4SlXk/gpzyKbqs58Gp8
ULAPeNVn+LlCMBWQwcmLm3IaCtxRt75SCQybSpH1ZVN9XQrSKiBwLAGncLn1WHyp
cuVTiufDqUFUkneHJ3JTrtrb0xSjhfodO7OPnzREVwRkY95ELEQT/Ghpu7fVW+zg
GHPFZZ1wBGiUBvooOGAec3eCAI9OB0runrylDhMb3v0daKBCALzGGDceWsQcIOoI
r2e8ASV2ilf/epEGFYJTjEcvVKAiEZOU5Fk5MphWSn+NQ1Hvw8ZThEsnDDgH96Lp
qfn/XEnotn2+vRm3Ew==
-----END CERTIFICATE-----



Cheers

AGL