[SSL] Comodo breach in plain English?

I'd like to understand what the recent breach at Comodo means in
plain English:


I only know that SSL is based on the two-key encryption method, where
the server sends its public key that the browser will use to encrypt a
session key that will be used to encrypt any HTTPS connection.

If I got it right, certificates are used to be positive that the
server the browser connects to is indeed the right server, but I'm not
clear about how this part really works.

Could someone explain this in basic terms?

Thank you.

Re: [SSL] Comodo breach in plain English?

Certificate authorities are expected to follow their certification
policies to ensure that only Google can obtain a certificate for
www.google.com, Microsoft for live.com et cetera. This is a prerequisite
for trusting them.

In this incident, a security breach at a registration authority allowed an
attacker to issue fraudulent certificates that were nevertheless signed by
Comodo and could therefore have been used successfully to impersonate e.g.

Comodo explains the incident at
http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html . Is there
something in particular you wonder about?

Thor Kottelin
http://www.anta.net/