Ubuntu
firefox package

  1. Bug #838322
  2. Comment #17

Comment 17 for bug 838322

Revision history for this message
Glen Turner (gdt-gdt) wrote : Re: DigiNotar patch erroneously blocks one of the two Staat der Nederlanden roots

http://blog.mozilla.com/security/2011/09/02/diginotar-removal-follow-up/
says
"DigiNotar issues certificates as part of the Dutch government’s PKIoverheid (PKIgovernment) program. These certificates are issued from a different DigiNotar-controlled intermediate, and chain up to the Dutch government CA (Staat der Nederlanden). The Dutch government’s Computer Emergency Response Team (GovCERT) indicated that these certificates are issued independently of DigiNotar’s other processes and that, in their assessment, these had not been compromised. The Dutch government therefore requested that we exempt these certificates from the removal of trust, which we agreed to do in our initial security update early this week.

The Dutch government has since audited DigiNotar’s performance and rescinded this assessment. We are now removing the exemption for these certificates, meaning that all DigiNotar certificates will be untrusted by Mozilla products."