Following Comodo’s improper issuance of certificates to sites such as Google, we have now been made publically aware of the same thing happening at the Certificate Authority diginotar.nl. A certificate for *.google.com was issued, and it appears that the recipient is the Iranian government. It is currently unclear why this certificate was issued, but it is clear the intention is to use it for a Monkey in the Middle (MITM) attack based on first hand reports. Firefox will issue an update shortly that will disable this Certificate Authority to prevent the attack, but in the meantime this can be done manually by following the instructions found here.
If you are an Internet Explorer user you can remove diginotar certificates using these instructions:
- On the Tools menu of Internet Explorer, click Internet Options.
- On the Content tab, click Certificates.
- On the Trusted Root Certification Authorities tab, click the appropriate certificate, click Remove, and follow the instructions on your screen.
- On the Intermediate Root Certification Authorities tab, click the appropriate certificate, click Remove, and then click Yes.
- Click Close, click OK, and then restart Internet Explorer.