Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×
Security Google Government The Internet

India's National Informatics Centre Forged Google SSL Certificates 107

NotInHere (3654617) writes As Google writes on its Online Security Blog, the National Informatics Centre of India (NIC) used its intermediate CA certificate, issued by Indian CCA, to issue several unauthorized certificates for Google domains, allowing it to do Man in the middle attacks. Possible impact however is limited, as, according to Google, the root certificates for the CA were only installed on Windows, which Firefox doesn't use — and for the Chrom{e,ium} browser, the CA for important Google domains is pinned to the Google CA. According to its website, the NIC CA has suspended certificate issuance, and according to Google, its root certificates were revoked by Indian CCA.
This discussion has been archived. No new comments can be posted.

India's National Informatics Centre Forged Google SSL Certificates

Comments Filter:
  • Repercussions? (Score:3, Interesting)

    by Anonymous Coward on Thursday July 10, 2014 @08:50AM (#47423445)

    Will there be any repercussions for this?

    The National Informatics Centre of India did abuse something.
    Will the National Informatics Centre of India be able to continue with such abuses and do this again in the future?
    Or will they lose this ability?

    What will happen now?

    They have shown that they can not be trusted. They must lose the power to do this.

    Pull someones certificates or kill some CA. Someone needs to suffer because of this.

  • Re:Repercussions? (Score:0, Interesting)

    by Anonymous Coward on Thursday July 10, 2014 @09:01AM (#47423491)

    India is a very corrupt country.

    I only see this as a good thing because it will reflect on companies that outsource to India and put the spotlight where it needs to be at - why do we trust these people with our customers?

    As someone who has dealt with far too many indian "Customer service representatives" and actually had one attempt to charge my credit card $5000 to get a return flight from Ireland after the company cancelled my plane ticket (I was shanghaied and I live in the USA) I have no intention of dealing with any company in the future that outsources to India.

    I lost 1300 euros that trip, It will never happen again.

  • Re:Repercussions? (Score:4, Interesting)

    by INT_QRK ( 1043164 ) on Thursday July 10, 2014 @11:00AM (#47424271)
    “Power attracts the corruptible. Suspect any who seek it.” Frank Herbert, Chapterhouse: Dune

"If the code and the comments disagree, then both are probably wrong." -- Norm Schryer