Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Finally Removes DigiNotar Certs In Safari

Posted by Soulskill on from the better-late-than-never dept.

Trailrunner7 writes "Apple has finally released a fix for the certificate trust issue caused by the attack on DigiNotar, more than a week after the fraudulent certificates were identified and other browser vendors moved to revoke trust in them. While Microsoft, Mozilla and Google had been communicating with users about the issue and pushing out new versions and updates to eliminate the compromised certificate authorities from their browsers, Apple had been mum about the attack and hadn't given any indication of when it might issue an update for Safari. On Friday the company published a security advisory for Mac OS X users, saying that it was removing DigiNotar's certificates from its trust list."

1 of 149 comments (clear)

  1. Re:Pointless Apple-bashing by Firehed · · Score: 3, Interesting

    Of course, updating the trusted CA cert list shouldn't require a full system upgrade either. They have a kill switch for rogue apps; there should be a similar infrastructure in place for certificate revocation (is there? I don't know - doesn't sound like it. But there should be)

    --
    How are sites slashdotted when nobody reads TFAs?