News

Adobe removes DigiNotar from Approved Trust List

Warwick Ashford

Adobe is in the process of removing web authentication certificates issued by breached Dutch root digital certificate authority DigiNotar from the Adobe Approved Trust List (AATL).

Any digital signature created with a credential that can trace a relationship back to the trustworthy certificates on this list is trusted by Acrobat and Reader 9 and later.

Certificate authorities, such as DigiNotar, as well as governments and businesses that provide certificates to their citizens and employees, can apply to Adobe to join the AATL programme.

The move by Adobe comes just over a week after DigiNotar revealed that its systems had been breached in July, enabling hackers to issue hundreds of fraudulent authentication certificates.

A hacker, who claimed responsibility for hacking into DigiNotar's systems, also claimed to have breached four other certificate authorities, including GlobalSign.

The Belgian certificate authority responded immediately by ceasing to issue authentication certificates for websites while the hacker claim is being investigated.

Security experts have praised the world's fifth largest certificate authority for its quick response. DigiNotar has been criticised for keeping the breach of its systems secret for more than six weeks.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy