Updated DigiNotar CN List

I don’t work on Sundays, but the list of confirmed misissued DigiNotar certs is now up to 531, with a mix of the following CNs:

*.*.com
*.*.org
*.10million.org
*.android.com
*.aol.com
*.azadegi.com
*.balatarin.com
*.comodo.com
*.digicert.com
*.globalsign.com
*.google.com
*.JanamFadayeRahbar.com
*.logmein.com
*.microsoft.com
*.mossad.gov.il
*.mozilla.org
*.RamzShekaneBozorg.com
*.SahebeDonyayeDigital.com
*.skype.com
*.startssl.com
*.thawte.com
*.torproject.org
*.walla.co.il
*.windowsupdate.com
*.wordpress.com
addons.mozilla.org
azadegi.com
Comodo Root CA
CyberTrust Root CA
DigiCert Root CA
Equifax Root CA
friends.walla.co.il
GlobalSign Root CA
login.live.com
login.yahoo.com
my.screenname.aol.com
secure.logmein.com
Thawte Root CA
twitter.com
VeriSign Root CA
wordpress.com
www.10million.org
www.balatarin.com
www.cia.gov
www.cybertrust.com
www.Equifax.com
www.facebook.com
www.globalsign.com
www.google.com
www.hamdami.com
www.mossad.gov.il
www.sis.gov.uk
www.update.microsoft.com

I’d be interested to know if there are any clients in which those first two certs would actually work.

Batches were signed on the 10th, 18th and 20th of July. I have no expiry date information for the expanded list.

There are two new intermediates I haven’t seen before: “Koninklijke Notariele Beroepsorganisatie CA” and “Stichting TTP Infos CA”. Any info about those would be appreciated.

9 thoughts on “Updated DigiNotar CN List

  1. Notaries in the Netherlands are member of the Koninklijke Notariele Beroepsorganisatie (KNB). It is their professional society. I believe membership is obligatory.

    Among other things, the “Koninklijke Notariele Beroepsorganisatie CA” issues personal certificates to notaries. These certificates are used to authenticate and authorize access to online resources such as the Dutch citizens’s administration system, tax department, “last will” register, stolen documents’ register and others.

    I work for the KNB daily. It’s been quite a week…

  2. “Koninklijke Notariele Beroepsorganisatie” is Dutch, and roughly translates to royal professional association of notaries.

    “Stichting TTP Infos” seems to be a small Dutch company/organization. I can’t figure out what it is. Something to do with healthcare.

  3. Yeah, found that Stichting TTP Infos a weird one. The above linked info leads me to believe they make software for interchange of medical data using PKI related infrastructure?

  4. http://www.sivz.nl/over-ivz states that they provide the following services:
    Data admin & management (databeheer en datamanagement)
    Data security, privacy-protection and routering (databeveiliging, privacybescherming en routering)

    for healthcare providers (in the netherlands presumably), primarily mental health. Wouldn’t surprise me if they were stockholders too, just like the KNB.

  5. Pingback: Message To Iranians | Hacking for Christ

Leave a Reply

Your email address will not be published. Required fields are marked *