X
Tap here to go to the mobile version of the site.
Your Firefox is out of date and may contain a security risk! Upgrade Firefox

Support Forum

I have downloaded Firefox 21 for mac os and it has diginotar certs

Posted

I have downloaded Firefox 21 for my Mac Os and when I go under the advance/encryption/view certificate settings their are entries for Diginotar. I downloaded this through my Canadian ISP Velcom.ca and don't understand why I see the following certificates under certificate manager DigiNotar DigiNotar Cyber CA DigiNotar Root CA DigiNotar Services 1024 CA DigiNotar B.V DigiNotar PKIoverhead CA Organisatir-G2 DigiNotar PKIoverhead CA Overheid en Bedrijven

DiigNotar is defunct because of stolen certificates. Why Is this on my new Firefox version 21?

Additional System Details

Application

  • User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8) AppleWebKit/536.25 (KHTML, like Gecko) Version/6.0 Safari/536.25

More Information

Uninstalled previous version and installed this new Firefox version 21 which included adding my books marks and add-ons

Gingerbread Man
  • Top 25 Contributor
228 solutions 940 answers

Helpful Reply

The answer is the same as the last time you asked this question.

As more information has come to light about the attack on the DigiNotar Certificate Authority we have improved the protections added in MFSA 2011-34. The main change is to add explicit distrust to the DigiNotar root certificate and several intermediates. Removing the root as in our previous fix meant the certificates could be considered valid if cross-signed by another Certificate Authority. Importantly this list of distrusted certificates includes the "PKIOverheid" (PKIGovernment) intermediates under DigiNotar's control that did not chain to DigiNotar's root and were not previously blocked.

Question owner

Perhaps your head is stuck in the past Gingerbread_Man.

I said its Firefox 21which came out in 2013. There should be no Diginotar certificate. On On September 3, 2011 Digitnotar went bankrupt. https://en.wikipedia.org/wiki/DigiNotar

cor-el
  • Top 10 Contributor
  • Moderator
10780 solutions 97024 answers

Helpful Reply

There shouldn't be any DigiNotar certificates present under the Authorities tab in the Certificate Manager, but there should be permanent block entries under the Servers tab.

  • Firefox > Preferences > Advanced : Encryption: Certificates - View Certificates

Select a DigiNotar certificate in the Certificate Manager > Servers.

  • Click the "Edit Trust" button to verify that the certificate is not trusted and "Do not trust the authenticity of this certificate" is selected.

Modified by cor-el

Gingerbread Man
  • Top 25 Contributor
228 solutions 940 answers

cor-el wrote:

Click the "Edit Trust" button to verify that the certificate is not trusted and "Do not trust the authenticity of this certificate" is selected.

That's exactly what I said last time.

mace2 wrote:

Perhaps your head is stuck in the past Gingerbread_Man.

Learn some manners, then feel free to ask your question where it's more likely to be seen by a developer, like on IRC or a newsgroup like mozilla.dev.security.policy

Question owner

I installed Firefox 22 same on my Mac witch has both windows 7 and Mac OS Moutain Liion and the windows 7 found the web site https://www.faxzero.com valid.

Same computer 2 different operating systems windows 7 firefox 22 works but Snow leopard Firefox 22 does not work