SSL Certificate Authorities (CA), hold an important role for ensuring the trust model of modern Internet security. This year, at least twice already that trust may have been misplaced. Both the Comodo and, more recently, the DigiNotar CAs have been compromised, leaving millions of users at risk.
Browser vendor Mozilla is now saying that enough is enough and is giving the CAs a one week deadline to prove they are secure.
“Each audit must check for mis-issuance of certificates, especially high-value domains as well as the network infrastructure, monitoring, passwords, etc.,” Kathleen Wilson, module owner of Mozilla’s CA Certificates Module explained to InternetNews.com.