Articles in “CA Program”

Revoking Trust in one ANSSI Certificate

Last week, Mozilla was notified that an intermediate certificate, which chains up to a root included in Mozilla’s root store, was loaded into a man-in-the-middle (MITM) traffic management device. It … Read more

Revoking Trust in Two TurkTrust Certificates

Update: For clarification, the last sentence of this post references our actions to suspend inclusion of a TURKTRUST root certificate. There are currently two TURKTRUST root certificates included in Mozilla’s … Read more

DigiNotar Removal Follow Up

Earlier this week we revoked our trust in the DigiNotar certificate authority from all Mozilla software. This is not a temporary suspension, it is a complete removal from our trusted … Read more

Fraudulent *.google.com Certificate

Update (Sept. 6, 2011 @10:37 a.m. PT): New security updates for Firefox are now available. Update (8.30.11 @ 11:25 p.m. PT) Mozilla just released an update to Firefox for Desktop, … Read more

Comodo Certificate Issue – Follow Up

This is a follow-up to the previous Mozilla report about the fraudulent certificates issued by Comodo last week. On 15th March 2011, a RA partner of the Comodo CA suffered … Read more

Firefox Blocking Fraudulent Certificates

Issue Mozilla has been informed about the issuance of several fraudulent SSL certificates for public websites. The certificates have been revoked by their issuer which should protect most users. This … Read more

Removing the RSA Security 1024 V3 Root

There’s been confusion today about the work we’re doing on our root store, the set of trusted certificate authorities shipped with Mozilla products. The short story is this: we’re removing … Read more