Google finds unauthorized certificate for domain, scrambles to protect users

By | January 8, 2013

Source: Computerworld

by Juan Carlos Perez

Sec69In this article “Google has taken steps to close potential security holes created by a fraudulent certificate for its domain, discovered in late December.

The certificate was erroneously issued by an intermediate certificate authority (CA) linking back to TurkTrust, a Turkish CA.

“Intermediate CA certificates carry the full authority of the CA, so anyone who has one can use it to create a certificate for any website they wish to impersonate,” wrote Adam Langley, a Google software engineer, in a blog post Thursday.”


Leave a Reply