Trustico: Difference between revisions
Content deleted Content added
No edit summary |
Rm invalid merger proposal because no merge discussion or rationale was provided. Please either follow Wikipedia:Merging#Proposing_a_merger or don't add a merge template. Thanks :) |
||
| Line 1: | Line 1: | ||
{{merge to|Certificate revocation list|discuss=Talk:Certificate revocation list#Proposed merge with Trustico|date=March 2018}} |
|||
{{Current related|date=March 2018}} |
{{Current related|date=March 2018}} |
||
{{Infobox company |
{{Infobox company |
||
Revision as of 02:07, 5 March 2018
 | This article may be affected by a current event. Information in this article may change rapidly as the event progresses. Initial news reports may be unreliable. The last updates to this article may not reflect the most current information. (March 2018) |
| Company type | Private company |
|---|---|
| Industry | Internet security, Public key infrastructure |
| Headquarters | , |
Trustico is a certificate reseller.
It became notable in March 2018, after its CEO transferred the private keys for 23,000 HTTPS certificates via email (not a secure protocol) to an executive at DigiCert.[2][3][4][1][5] The fact that these private keys had been stored by Trustico suggested that Trustico had been violating the baseline requirements for certificate authorities.[2]
This was followed by the disclosure of a critical security flaw - a publicly-accessible root shell - in the Trustico website, after which the website was taken offline.[6][7]
See also
References
- ^ a b c "23,000 HTTPS certs will be axed in next 24 hours after private keys leak".
- ^ a b "23,000 HTTPS certificates axed after CEO emails private keys".
- ^ Whittaker, Zack. "Trustico compromises own customers' HTTPS private keys in spat with partner".
- ^ "23,000 Digital Certificates Revoked in DigiCert-Trustico Spat - SecurityWeek.Com". www.securityweek.com.
- ^ "How not to run a CA - Hacker News". news.ycombinator.com.
- ^ "Trustico website goes dark after someone drops critical flaw on Twitter".
- ^ "HTTPS cert flingers Trustico, SSL Direct go TITSUP after website security blunder blabbed".
 | This cryptography-related article is a stub. You can help Wikipedia by expanding it. |