The Dutch Diginotar Hack

Slightly off-topic here considering my normal focus on business applications (or actually, maybe not, decide for yourself).

False passports

False passports

On the Dutch ICT news sites it is currently a big topic. And the impact for the whole internet is probably still underestimated. What happened? On August 29 2011, I read a news post on webwereld.nl (a Dutch ICT news site) that Iran (actually it seemed to be Iranians but this is still not sure) could tap internet traffic to GMail. This happened because they used an SSL certificate that was signed by the Dutch Certificate Authority Diginotar. Diginotar is a Dutch company providing PKI (Public Key Infrastructure) “certificates” for secure connections, both for regular commercial customers and for the Dutch government. Ouch!
Read more of this post