Resultados 1 a 2 de 2
  1. #1
    WHT-BR Top Member
    Data de Ingresso
    Dec 2010
    Posts
    14,992

    [EN] Certificados SSL: Empresas precisam ter plano B

    Failures and breaches involving certificates are becoming more frequent.

    Matt Smith
    14 October 2016

    ...

    GlobalSign said the problem would correct itself in four days when the cached responses expire, although it admitted this was “not ideal”, so it is offering sites the use of an alternative, unaffected certificate issued by a different, unaffected root.

    Cyber security experts said the error could have affected a large number of sites.

    “It’s hard to know how many companies have been impacted, but with GlobalSign boasting over 25 million certificates relying on the public trust of the GlobalSign root CA certificate, the impact is undoubtedly huge,” said Kevin Bocek, chief cyber security strategist at Venafi.

    “The reality is that failures like this and breaches involving certificates are becoming more frequent – not surprising, since the world is becoming encrypted.

    “The impact, though, is completely unacceptable – you can’t have your site being untrusted or taken offline for days on end. Revenue loss and reputational damage for the businesses impacted will run into the millions of dollars.

    “Businesses must have an automated back-up plan – they cannot be at the mercy of any one CA. These types of issues will continue to happen but when they do, firms need to be able to take control and immediately and automatically change out affected certificates.”

    http://business-reporter.co.uk/2016/...marked-unsafe/

  2. #2
    WHT-BR Top Member
    Data de Ingresso
    Dec 2010
    Posts
    14,992
    Fascinante. Primeiro os suspeitos usuais promovem o uso desnecessário de certificados. Agora, recomenda-se o uso de vários certificados porque são inseguros e podem provocar danos.

Permissões de Postagem

  • Você não pode iniciar novos tópicos
  • Você não pode enviar respostas
  • Você não pode enviar anexos
  • Você não pode editar suas mensagens
  •