Re: [Fed-Talk] Apple's Rogue DigiNotar CA mitigation?
- Subject: Re: [Fed-Talk] Apple's Rogue DigiNotar CA mitigation?
- From: Joel Esler <email@hidden>
- Date: Wed, 31 Aug 2011 12:14:48 -0400
I'm betting they build it into 10.7.2. That feels very imminent.
J
On Aug 31, 2011, at 12:13 PM, Pike, Michael (IHS/HQ) wrote:
> Wow....
>
> This is one of the reasons I love fedtalk - between all of us we are the definitive news source, I did not even know about this!!!
>
> I hope Apple addresses it with a security patch and not an OS update... right now I am reluctant to install any Apple OS updates as they seem to break more than they fix with Lion.
>
>
> On Aug 31, 2011, at 9:50 AM, Disiena, Ridley J. (GRC-VO00)[DB Consulting Group, Inc.] wrote:
>
>
> Has anyone seen any Apple notification with regards to actions to be taken on iOS and OS X to mitigate the rogue DigiNotar CA incident this week?
>
> Other companies have been quick to respond:
> Mozilla Notice - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-cer
> Google Notice - http://googleonlinesecurity.blogspot.com/2011/08/update-on-attempted-man-in-middle.html
> Microsoft Notice - http://www.microsoft.com/technet/security/advisory/2607712.mspx
> Chromium Code added to address this: http://codereview.chromium.org/7791032/diff/2001/net/base/x509_certificate.cc
>
>
> FYI: Command to remove the rogue DigiNotar Root CA certificate from OS-X System Roots via its SHA1 hash value:
> sudo security delete-certificate -Z C060ED44CBD881BD0EF86C0BA287DDCF8167478C "/System/Library/Keychains/SystemRootCertificates.keychain"
>
> Note: I believe iOS also has this Root CA included by default as well
>
>
> - Ridley DiSiena CISSP
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden<mailto:email@hidden>)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
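Added example, not part of the original thread: a defender-side check that audits a PEM export of a trust store for the SHA-1 fingerprint quoted in the removal command above, so the removal can be verified. The function names and the two sample byte strings are constructed for illustration; the samples are placeholders, not real certificates.

```python
import base64
import hashlib
import re

# SHA-1 fingerprint quoted in the thread for the DigiNotar root.
DISTRUSTED_SHA1 = {"C060ED44CBD881BD0EF86C0BA287DDCF8167478C"}

PEM_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.DOTALL)

# Constructed placeholder bytes standing in for DER certificates (not real certs).
SAMPLE_A = b"constructed-sample-certificate-A"
SAMPLE_B = b"constructed-sample-certificate-B"

def normalize(fingerprint):
    """Accept 'c0:60:ed...', 'C0 60 ED...' or bare hex; return upper-case hex."""
    hexed = re.sub(r"[\s:]", "", fingerprint).upper()
    if not re.fullmatch(r"[0-9A-F]{40}", hexed):
        raise ValueError(f"not a SHA-1 fingerprint: {fingerprint!r}")
    return hexed

def sha1_fingerprint(der):
    """SHA-1 over the DER encoding, i.e. the certificate fingerprint."""
    return hashlib.sha1(der).hexdigest().upper()

def to_pem(der):
    """Wrap DER bytes in a PEM certificate block."""
    body = base64.encodebytes(der).decode("ascii")
    return f"-----BEGIN CERTIFICATE-----\n{body}-----END CERTIFICATE-----\n"

def audit_bundle(pem_text, distrusted=DISTRUSTED_SHA1):
    """Return [(index, fingerprint)] for bundle entries on the distrust list."""
    wanted = {normalize(fp) for fp in distrusted}
    hits = []
    for index, block in enumerate(PEM_BLOCK.finditer(pem_text)):
        try:
            der = base64.b64decode("".join(block.group(1).split()), validate=True)
        except ValueError as exc:  # fail loudly: a skipped entry is an unaudited entry
            raise ValueError(f"certificate #{index} is not valid base64") from exc
        fingerprint = sha1_fingerprint(der)
        if fingerprint in wanted:
            hits.append((index, fingerprint))
    return hits

if __name__ == "__main__":
    bundle = to_pem(SAMPLE_A) + to_pem(SAMPLE_B)
    print(audit_bundle(bundle))  # neither sample carries the DigiNotar fingerprint
    print(audit_bundle(bundle, {sha1_fingerprint(SAMPLE_B)}))  # constructed hit
```

On OS X, `security find-certificate -a -p <keychain>` prints a keychain's certificates as PEM, which can be passed to `audit_bundle` before and after the removal.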