/>
X

Unknown root certificate found in Firefox

It seems that Firefox contains a unknown root certificate that nobody seems to know anything about.

It seems that Firefox contains a unknown root certificate that nobody seems to know anything about.

I propose that the "RSA Security 1024 V3" root certificate authority be removed from NSS.

OU = RSA Security 1024 V3 O = RSA Security Inc Valid From: 2/22/01 Valid To: 2/22/26 SHA1 Fingerprint: 3C:BB:5D:E0:FC:D6:39:7C:05:88:E5:66:97:BD:46:2A:BD:F9:5C:76

I have not been able to find the current owner of this root. Both RSA and VeriSign have stated in email that they do not own this root.

Therefore, to my knowledge this root has no current owner and no current audit, and should be removed from NSS.

Further information is provided in a bug report:

I have exchanged email with both RSA and VeriSign, and both have stated that they do not own the "RSA Security 1024 V3" root certificate.

This is a significant security isse since digital certificates rely on a chain of trust, and the trust anchor for digital certificates is the Root Certificate Authority (CA). Specifically, web browsers use root certificates to verify identities used for secure web connections. However, the users of web browsers have to rely on the browser publisher to make sure that these root certificates are valid. The fact that Firefox contains a root certificate where the current owner is unknown (at this time at any rate) is a little worrying.

Trust no one ...

Related

Why you should really stop charging your phone overnight
iphone-charging.jpg

Why you should really stop charging your phone overnight

iPhone
How to spot a deepfake? One simple trick is all you need
facial-recognition

How to spot a deepfake? One simple trick is all you need

AI & Robotics
Malcolm Gladwell says working from home is 'not in your best interests'. The reality is much more complicated
malcolm-gladwell

Malcolm Gladwell says working from home is 'not in your best interests'. The reality is much more complicated

Productivity