Hacker News new | past | comments | ask | show | jobs | submit login

pretty obvious?



It's obvious because they issued and discovered it was being used for google.com certs.

If it had been innocuously issued, no one would have attempted to issue google.com certs.

Google is in a better position to detect evil google.com certs in use. There's every reason to suspect other evil certs were issued and in use as well (although google.com is probably the most attractive mainstream target; compromising gmail is important to most intelligence and police agencies).


I wouldn't call it fairly obvious, but according to this comment -> http://news.ycombinator.com/item?id=5003707 -> the CAs issued included "*.EGO.GOV.TR," which then created the fake Google certificate. If a government entity got access and then did this, you could establish a link between TurkTrust & the government for creating the CA.

That being said, I'd hope that someone researches and figures out why the certificates were issued, to whom, and for what purpose.


Well, with the help of Google Translate, it appears to be the public transit body of the city of Ankara. If I was an evil government body, I'd ask for my intermediate CA cert to be issued in the name of JohnDoesInconspicuousWidgets.com, not a government organisation.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: