Slashdot Mirror

← Back to Stories (view on slashdot.org)

Comodo Says Two More RAs Compromised

Posted by CmdrTaco on from the no-time-for-compromise dept.

Trailrunner7 writes "Officials at Comodo have acknowledged that an additional two registration authorities affiliated with the company have been compromised in the wake of the high-profile attack on the company that was disclosed last week. Addressing a list of concerns about Comodo's practices raised by customers and browser vendors in the wake of the attack, Alden said that the company is now in the process of rolling out a new two-factor authentication system for its RAs. Comodo also is installing other security measures as a result of the attack."

2 of 144 comments (clear)

  1. Re:Removed by IgnoramusMaximus · · Score: 3, Informative

    You can't do that. Only user installed certs can be deleted. You have to use "Get Info" on the Comodo cert, expand the "Trust" section and set the drop-down to "Do not trust". The icon for the cert will get a red "x" indicating its untrusted.

  2. Re:Removed by Anonymous Coward · · Score: 4, Informative

    delete everything under Comodo

    And the next time Firefox is updated (which happens frequently) the Comodo certificates will be back.

    For each Comodo certificate you need to click on Edit and clear all the check boxes so the certificate won't be used for anything. This change survives updates. As I pointed out in a comment the other day (for which I received many flames) this user interface is completely inadequate for managing the hundreds of certificates that ship with Firefox.