Comodo Successfully Demonstrates VeriSign SSL Exploit, VeriSign Denies in Response

VeriSign, as we all know is one of the most popular signing authorities for secure pages. Its SSL security is relied upon by thousands of businesses and it is extremely popular with worldwide banking services.

The renowned Firewall manufacturer Comodo has made an announcement today saying that they have discovered an exploit in the VeriSign SSL certification and has informed VeriSign of this but apparently, their words fell on deaf ears. VeriSign has blatantly denied the presence of any such exploits and has replied to Comodo saying,

We thank you for bringing this to our attention, but the information you have accessed is public information that can be found in a multitude of ways. The pages you have accessed are merely pubic portals for our customers authenticated work to be performed.

A good reason as to why VeriSign responded in this weird manner might be because this is a part of VeriSign’s strategy. First, they make this news seem unimportant and save the panic amongst their customers. Next, they will probably roll out a fix for this quietly. Given the top notch businesses VeriSign has as its clients, this move can either put it in jeopardy or could save it from a lot of trouble.

Another reason why VeriSign is shying away from this is because Comodo is VeriSign’s competitor in the digital certificate business. Accepting the presence of this exploit will raise questions about VeriSign’s position as the unchallenged certification authority.

Comodo has successfully demonstrated the exploit to Ms. Smith from Networkworld. Read more at this exclusive report.

Published by

Chinmoy Kanjilal

Chinmoy Kanjilal is a FOSS enthusiast and evangelist. He is passionate about Android. Security exploits turn him on and he loves to tinker with computer networks. You can connect with him on Twitter @ckandroid.