X
Tap here to go to the mobile version of the site.

Support Forum

ill placed certificates names in mozilla still there.What to do?

Posted

mozilla security blog mar 25 2011 https://blog.mozilla.org/security/2011/03/25/comodo-certificate-issue-follow-up This is a follow-up to the previous Mozilla report about the fraudulent certificates issued by Comodo last week. On 15th March 2011, a RA partner of the Comodo CA suffered an internal security breach (Comodo incident report). The attacker used the RA’s account with Comodo to cause 9 fraudulent certificates to be issued. The domain names of the certificates were as follows:

   addons.mozilla.org
   login.live.com
   mail.google.com
   www.google.com
   login.yahoo.com (x3)
   login.skype.com
   global truste

(and the rest, see link) I still found all certifacate-domain-names in mozilla I only deleted global trustee. What to do with the rest ?

mozilla security blog mar 25 2011 https://blog.mozilla.org/security/2011/03/25/comodo-certificate-issue-follow-up This is a follow-up to the previous Mozilla report about the fraudulent certificates issued by Comodo last week. On 15th March 2011, a RA partner of the Comodo CA suffered an internal security breach (Comodo incident report). The attacker used the RA’s account with Comodo to cause 9 fraudulent certificates to be issued. The domain names of the certificates were as follows: addons.mozilla.org login.live.com mail.google.com www.google.com login.yahoo.com (x3) login.skype.com global truste ----- (and the rest, see link) I still found all certifacate-domain-names in mozilla I only deleted global trustee. What to do with the rest ?

Additional System Details

Installed Plug-ins

  • Adobe PDF Plug-In For Firefox and Netscape 15.23.20053
  • Shockwave Flash 24.0 r0
  • 5.1.50901.0
  • VLC media player Web Plugin

Application

  • Firefox 50.1.0
  • User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
  • Support URL: https://support.mozilla.org/1/firefox/50.1.0/WINNT/nl/

Extensions

  • Application Update Service Helper 1.0 (aushelper@mozilla.org)
  • Ghostery 7.1.1.5 (firefox@ghostery.com)
  • Multi-process staged rollout 1.5 (e10srollout@mozilla.org)
  • NoScript 2.9.5.3 ({73a6fe31-595d-460b-a920-fcc0f8843232})
  • Pocket 1.0.5 (firefox@getpocket.com)
  • Web Compat 1.0 (webcompat@mozilla.org)

Javascript

  • incrementalGCEnabled: True

Graphics

  • adapterDescription: Intel(R) G45/G43 Express Chipset
  • adapterDescription2:
  • adapterDeviceID: 0x2e22
  • adapterDeviceID2:
  • adapterDrivers: igdumd64 igd10umd64 igdumdx32 igd10umd32
  • adapterDrivers2:
  • adapterRAM: Unknown
  • adapterRAM2:
  • adapterSubsysID: 2aa2103c
  • adapterSubsysID2:
  • adapterVendorID: 0x8086
  • adapterVendorID2:
  • crashGuards: []
  • currentAudioBackend: wasapi
  • direct2DEnabled: False
  • direct2DEnabledMessage: [u'blockedDriver']
  • directWriteEnabled: False
  • directWriteVersion: 6.2.9200.21976
  • driverDate: 10-15-2010
  • driverDate2:
  • driverVersion: 8.15.10.2226
  • driverVersion2:
  • featureLog: {u'fallbacks': [], u'features': [{u'status': u'available', u'description': u'Compositing', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'HW_COMPOSITING'}, {u'status': u'available', u'description': u'Direct3D11 Compositing', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'D3D11_COMPOSITING'}, {u'status': u'disabled', u'description': u'Direct3D9 Compositing', u'log': [{u'status': u'disabled', u'message': u'Disabled by default', u'type': u'default'}], u'name': u'D3D9_COMPOSITING'}, {u'status': u'blacklisted', u'description': u'Direct2D', u'log': [{u'status': u'available', u'type': u'default'}, {u'status': u'blacklisted', u'message': u'#BLOCKLIST_FEATURE_FAILURE_DL_BLACKLIST_g984', u'type': u'env'}], u'name': u'DIRECT2D'}, {u'status': u'blacklisted', u'description': u'Direct3D11 hardware ANGLE', u'log': [{u'status': u'available', u'type': u'default'}, {u'status': u'blacklisted', u'message': u'#BLOCKLIST_FEATURE_FAILURE_BUG_1153381', u'type': u'env'}], u'name': u'D3D11_HW_ANGLE'}]}
  • info: {u'AzureCanvasAccelerated': 0, u'AzureCanvasBackend': u'skia', u'AzureFallbackCanvasBackend': u'cairo', u'AzureContentBackend': u'cairo', u'ApzWheelInput': 1}
  • isGPU2Active: False
  • numAcceleratedWindows: 2
  • numTotalWindows: 2
  • supportsHardwareH264: No; Hardware video decoding disabled or blacklisted
  • webgl2Renderer: (no info)
  • webglRenderer: Google Inc. -- ANGLE (Intel(R) G45/G43 Express Chipset Direct3D9Ex vs_3_0 ps_3_0)
  • windowLayerManagerRemote: True
  • windowLayerManagerType: Direct3D 11

Modified Preferences

Misc

  • User JS: No
  • Accessibility: No
James
  • Top 25 Contributor
  • Moderator
1598 solutions 11286 answers

If you were to view the global trustee certificate for example you would see it is distrusted by default. The other domains names were of the certificates at the time.

Just because certificates is in list (servers) does not mean it is trusted or has be revoked.

For example DigiNotar certificates is listed yet it is not trusted for a long time now as was mentioned in below Release notes.

http://website-archive.mozilla.org/www.mozilla.org/firefox_releasenotes/en-US/firefox/6.0.1/releasenotes/ http://website-archive.mozilla.org/www.mozilla.org/firefox_releasenotes/en-US/firefox/6.0.2/releasenotes/ http://website-archive.mozilla.org/www.mozilla.org/firefox_releasenotes/en-US/firefox/3.6.22/releasenotes/


Mozilla takes security with Firefox and Mozilla stuff very seriously. They are more open compared to other companies so people have a good reason to be up to date. https://www.mozilla.org/security/known-vulnerabilities/

If you were to view the global trustee certificate for example you would see it is distrusted by default. The other domains names were of the certificates at the time. Just because certificates is in list (servers) does not mean it is trusted or has be revoked. For example DigiNotar certificates is listed yet it is not trusted for a long time now as was mentioned in below Release notes. http://website-archive.mozilla.org/www.mozilla.org/firefox_releasenotes/en-US/firefox/6.0.1/releasenotes/ http://website-archive.mozilla.org/www.mozilla.org/firefox_releasenotes/en-US/firefox/6.0.2/releasenotes/ http://website-archive.mozilla.org/www.mozilla.org/firefox_releasenotes/en-US/firefox/3.6.22/releasenotes/ Mozilla takes security with Firefox and Mozilla stuff very seriously. They are more open compared to other companies so people have a good reason to be up to date. https://www.mozilla.org/security/known-vulnerabilities/