(LiveHacking.Com) – GlobalSign is to start issuing SSL certificates again after its audit showed that the claims made by ComodoHacker that he had breached other Certificate Authorities (CAs), including GlobalSign, were false.
On September 6th, GlobalSign temporarily stopped issuing SSL certificates following a claim that the same hacker responsible for the recent DigiNotar hack had access to four other Certificate Authorities, including GlobalSign. GlobalSign then appointed Fox-IT to assist with investigations into the claimed breach. Fox-IT is the Dutch cybersecurity company hired to investigate the compromise of the Dutch CA DigiNotar and therefore already has a wealth of current knowledge and experience of this hacker.
On the 8th, GlobalSign issued a statement that it will start bringing its services back online on Monday (12th):
“We have already stated that we deem this to be an industry wide threat due to the mention of multiple CAs. We are adopting a high threat approach to bringing services back online and we are working with a number of organisations to audit the process of bringing the services back online. We apologise again for the delay.”
Although GlobalSign will bring its systems back online on Monday, as part of a sequenced startup, it foresees that customers will only be able to process orders on Tuesday morning.
During its investigations, GlobalSign reminded its customers that the GlobalSign CA root was created offline and is kept offline. Any claims by the ComodoHacker about having a private key cannot refer to the GlobalSign offline root CA. By “offline” the CA means that the Root CA Certificate is not connected to any network of any type. The Root Key is physically (geographically) separate from any networked systems and is only ever accessed in a controlled manner.