One of the biggest issues to me is how far this single breach reaches. The Dutch government was heavily impacted due to its use of DigiNotar for government services. And, of course, any sites or businesses that found themselves on the list of fraudulent certificates will need to ensure they and their customers weren't targeted. There is also speculation that this was an incident of cyberwarfare, as some evidence points to the attacker being based in Iran.
But what does this mean to businesses? If you do find yourself on the list of compromised certificates, you need to audit your access logs and also encourage users and customers to make sure they have updated browsers that revoke the fraudulent certificates.
For the rest of us, all I can say is to remember that SSL and digital certificates are not a perfect solution. All it takes is one incident like this to show how much Internet security is based on a house of cards.
Hopefully, this incident will lead to some reform of the certificate authority structure. There definitely need to be more protections in place to make sure that, when this happens again, the response will be quick and effective and the breached authority won't be able to sit on the information like DigiNotar did.
There's an old saying that goes, "Who watches the watchers?" Right now, we need to be asking, "Who certifies the certificate authorities, and who will make sure that our Internet communications are as secure as they can be?"