The Dutch CA (DigiNotar) which had its network breached six days ago, in which 200 plus SSL certificates for more than 20 domains were stolen and used in the wild, has been banished into the abyss by Google Chrome and Mozilla Firefox. It appears DigiNotar hasn’t been very open when it came to the SSL system breach. No comment thus far from the US based parent company Vasco Data Security.
Mozilla now distrusts two DigiNotar certificates. Mozilla released Firefox 6.0.2 that removes trust exceptions for certificates issued by Staat der Nederlanden and therefore offers additional protection against fraudulent DigiNotar certificates. Firefox 6.0.2 also resolves an issue with gov.uk websites. Google has done the same with a new release of its Chrome browser which permanently blocks DigiNotars certificates. Microsoft have yet to respond in relation to their Internet Explorer browser.