[EN] SSL certificates: Companies need a plan B
Failures and breaches involving certificates are becoming more frequent.
14 October 2016
GlobalSign said the problem would correct itself in four days when the cached responses expire, although it admitted this was “not ideal”, so it is offering sites the use of an alternative, unaffected certificate issued by a different, unaffected root.
Cyber security experts said the error could have affected a large number of sites.
“It’s hard to know how many companies have been impacted, but with GlobalSign boasting over 25 million certificates relying on the public trust of the GlobalSign root CA certificate, the impact is undoubtedly huge,” said Kevin Bocek, chief cyber security strategist at Venafi.
“The reality is that failures like this and breaches involving certificates are becoming more frequent – not surprising, since the world is becoming encrypted.
“The impact, though, is completely unacceptable – you can’t have your site being untrusted or taken offline for days on end. Revenue loss and reputational damage for the businesses impacted will run into the millions of dollars.
“Businesses must have an automated back-up plan – they cannot be at the mercy of any one CA. These types of issues will continue to happen but when they do, firms need to be able to take control and immediately and automatically change out affected certificates.”