Slashdot Mirror

← Back to Stories (view on slashdot.org)

Server Snafu Makes Microsoft Beg For CA Audit Data From Its Partners (softpedia.com)

Posted by BeauHD on from the updated-records dept.

An anonymous reader writes: Microsoft, just like Google, Apple, and Mozilla, is part of the CA/BForum, an organization of web browser vendors and certification authorities (CAs). As a browser vendor, Microsoft maintains a list of authorized CAs and their respective root certificates. According to a message on the CA/BForum, there was an error on the server that was running a CRM application that managed this list of trusted certificates and the adjacent details regarding each certificate and CA. The data is lost forever and Microsoft is now asking CAs to resend their most recent audits. Currently a lot of certs are broken in Edge and IE. Microsoft says that it lost audit data for 147 root certificates, which resulted in many SSL/TLS certificates showing errors inside the company's products.

5 of 115 comments (clear)

  1. Re:wtf by Forever+Wondering · · Score: 4, Insightful

    Seriously. No backup?

    Maybe they used Azure for their backup ...

    --
    Like a good neighbor, fsck is there ...
  2. Re:wtf by Anonymous Coward · · Score: 5, Insightful

    This might be the correct explanation. I have seen the technology management to actually trust on their "the cloud is the backup" fairytale. And then we lost data multiple times thanks to software or administration errors which deleted the data from all replicates. After fourth data loss the dumb ass management started to plan a real write-only backup system. Thankfully I don''t work on that company anymore as the management is still there planning for their next failures.

  3. Re:wtf by unrtst · · Score: 3, Insightful

    ... rolled back to an old backup. As a result, we lost audit data for about 147 roots.

    How the fuck are there that many changes for root CA's withing the period of one backup?

  4. Re:wtf by Sarten-X · · Score: 3, Insightful

    There are fallbacks, backups, and disaster recovery mechanisms. They are three different things, with three different purposes, and managers love to confuse them.

    --
    You do not have a moral or legal right to do absolutely anything you want.
  5. Re: wtf by lucm · · Score: 1, Insightful

    Microsoft like many other tech companies has lots of problems with middle management. Good managers get promoted quickly to more senior roles because there's constant growth and new projects; this means that what's left in middle management ris mediocre lifers or total noobs who haven't shown their potential yet. It's a dead layer with zero potential for improvement unless the company goes stale like IBM. Promoting insiders to middle management doesn't fill the void, it accelerates the spiral.

    This is one of the drivers of the flat structure that some startups are embracing with varying degrees of success. Not sure if it could help Microsoft; we'll have to wait and see how it worked at Zappos.

    --
    lucm, indeed.