Why Certificate Security Matters

Hacks waged against companies that issue security certificates for websites are calling into question long-standing domain name verification practices.

The most headline-grabbing attacks, launched by the so-called Comodohacker against certificate authorities Comodo and DigiNotar, aim to gather certificate information for frequently used social sites such as Google. With certificate information, anyone with access controls at an Internet service provider could easily create a ghost site, one that under common Internet browsing behavior and standards would be difficult for the average Web user to spot. With a ghost site, hackers could attempt to defraud unsuspecting users.

Read the full article now.