|
|
|
|
|
|
by jpravetz
5560 days ago
|
|
|
You have to wonder what form of authentication was used at Comodo's Registration Authority server that enabled it be breached. Maybe an RSA SecureID token :-) (see http://steve.grc.com/2011/03/19/reverse-engineering-rsas-sta...). Seriously, I'd have thought the admin account on an RA server would require multiple approvals, on-site access or something. I guess we'll have to wait for the details to come out. Something like this is bound to eventually happen when you have so many trusted root SSL certs in play. |
|
|