Removing the RSA Security 1024 V3 Root

There’s been confusion today about the work we’re doing on our root store, the set of trusted certificate authorities shipped with Mozilla products. The short story is this: we’re removing the “RSA Security 1024 V3” root from that list. Its owners have confirmed that it is not in use and not covered by current audits. We regularly check for roots whose audits have lapsed or for which we don’t have an up-to-date point of contact – it’s part of keeping our root program healthy.

The confusion stems from a comment in the newsgroup threads discussing the removal that suggested the root didn’t have a current owner. We know where the root came from: it was added at RSA’s request several years ago and vetted according to our inclusion guidelines. When we contacted RSA to confirm current contact and audit information for it, though, we didn’t get a clear answer as to whether it was in use, covered by recent audits, or decommissioned. We expect every root in our program to have a clear and active owner and, failing to get that clarity from RSA, we moved to pull this root from the product.

RSA has since confirmed that this root is no longer needed and can be removed from the product. That clarity, while late, is welcome and confirms our original decision.

This legitimate but inactive certificate will be present in all consumers of Mozilla’s NSS security library until the removal takes effect. Questions about Apple’s inclusion of this root in their keychain system, and their plans for removal, are best directed to Apple.
