搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

compromised certificates still present

  • 1 个回答
  • 1 人有此问题
  • 1 次查看
  • 最后回复者为 cor-el

more options

I am running FF8. I realized recently that the full sweet of compromised certificates (global trustee, etc) was present in my usertrust network, and I thought it was perhaps because I migrated my profile from my old computer. So I completely uninstalled FF, removed all the remaining directories and reinstalled, and lo, they are still there in the usertrust network and Diginotar CAs etc still in Authorities. When I have deleted them from the trust network, they only re-appear in Others, and when I delete from there, they just reappear. Now, I know that for most of them, the trust has been removed, but for some of them they still had some level, if not full CA trust. What gives? If these certificates are indeed untrusted and blocked WHY ON EARTH are they not listed in some kind of Revoked list, and/or why are they still showing up in v8, making users like me spend hours trying to figure out if they are actually threats or not? Can anyone please advise?

I am running FF8. I realized recently that the full sweet of compromised certificates (global trustee, etc) was present in my usertrust network, and I thought it was perhaps because I migrated my profile from my old computer. So I completely uninstalled FF, removed all the remaining directories and reinstalled, and lo, they are still there in the usertrust network and Diginotar CAs etc still in Authorities. When I have deleted them from the trust network, they only re-appear in Others, and when I delete from there, they just reappear. Now, I know that for most of them, the trust has been removed, but for some of them they still had some level, if not full CA trust. What gives? If these certificates are indeed untrusted and blocked WHY ON EARTH are they not listed in some kind of Revoked list, and/or why are they still showing up in v8, making users like me spend hours trying to figure out if they are actually threats or not? Can anyone please advise?

所有回复 (1)

more options

You can click the Edit button on the DigiNotar certificates to verify that all trust bits are unchecked.
That will make it impossible for them to be used as root certificates.

Select a DigiNotar certificate in the Certificate Manager.

  • Click the Edit button to verify that all trust bits are unchecked
  • Click the View button and go to Details to verify that the certificate has been deactivated (Explicitly Distrust DigiNotar Root CA)