In the summer of 2011 the Dutch Certificate Service Provider Diginotar collapsed due to a hack of the back-end systems by an Iranian hacker. Since then many analysis were published. Most indicating plenty problems at Diginotar or about the inadequacies of PKI as we know it. But in my opinion the problems are more severe than just technical issues.
In 2012 the Dutch Magazine Informatiebeveiliging published my analysis (I should mention that I am one of the editors of the magazine, so there is no full independency there...). By request I translated the article.
You can find the English language version of article via this link.
(I wish to thank Jacoba for reviewing the translation)
Feel free to react.
Geen opmerkingen:
Een reactie posten