
Digicert revokes a raft of web security certificates
2020-07-13 14:36

Digicert is one of the Big Five commercial CAs, short for certificate authorities - companies that sign and vouch for the digital certificates that put the S in HTTPS and the padlock in your browser's address bar.

The simplest form of web certificate is called self-signed, and anyone can create a self-signed certificate in seconds that claims to represent any web property they like.

Revoke all intermediate certificates on the "Company Y" list, thus implicitly revoking all certificates signed by those companies, including domain validation certificates that didn't need revoking at all.

Digicert opted for the latter approach to minimise disruption to browser users, though apparently it meant revoking 50,000 individual EV certificates instead of just six intermediate certificates.

All EV certificates signed by the above intermediate CAs have now been revoked, but any regular domain validation certificates will remain valid until they expire naturally.


News URL

https://nakedsecurity.sophos.com/2020/07/13/digicert-revokes-a-raft-of-web-security-certificates/