diginotar still present
I am running Firefox 13.01 for a Macox and it still has Diginotar certificate under certificate manager. Should this be the case?
Additional System Details
Every time Firefox opened
This started when...
- Shockwave Flash 11.4 r402
- The QuickTime Plugin allows you to view a wide variety of multimedia content in web pages. For more information, visit the QuickTime Web site.
- User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:13.0) Gecko/20100101 Firefox/13.0.1
The latest version is 15.0.1. The version you're using contains the following security vulnerabilities:
Yes. Click any of the DigiNotar certificates and then click the Edit Trust button. You can see they're all set to “Do not trust”. The technical reason is explained at
WHy is Diginotar still present in Firefox 13.01 since the comapny that provides the Diginotar went bankrupt and is no longer present since this version of Firefox 13.01. I am located in Canada, Ontario, using ISP Electronic Box and would like to know why 13.01 still has Diginotar certs?
It's explained in the link I posted:
As more information has come to light about the attack on the DigiNotar Certificate Authority we have improved the protections added in MFSA 2011-34. The main change is to add explicit distrust to the DigiNotar root certificate and several intermediates. Removing the root as in our previous fix meant the certificates could be considered valid if cross-signed by another Certificate Authority. Importantly this list of distrusted certificates includes the "PKIOverheid" (PKIGovernment) intermediates under DigiNotar's control that did not chain to DigiNotar's root and were not previously blocked.
Since this company is now defunct. My question is why is Diginotar certiifcate still present? It should be remove as the comapny no longer exists. This is a serious security flaw because the certificates where stolen form Digitnotar without them reporting the thief.