TurkTrust denies security breach led to certificate gaffe

By

No 'malevolence, fraud or any other crime factor'.

Turkish certificate authority (CA) TurkTrust has denied that there was any attack that resulted in the issuing of fraudulent certificates.

TurkTrust denies security breach led to certificate gaffe

In an updated statement from its website, TurkTrust said that since the incident was announced last week, "a lot of national and international people and organisations including press companies admired the way the case was treated and further supported and contributed for a correct understanding of the case".

However it said that there had been incorrect reporting and discussion on the incident and it will continue to manage the case openly and transparently with a responsibility not only to the Turkish public, but also to all internet users.

“Our company keeps on working with the target of being a reputable Turkish company that develops technology in world standards and produces value added services,” it said.

The company said in a previous  statement it was "certain that there is no security breach on TurkTrust systems" adding that "there is also not a bit of evidence that the certificate was used maliciously”.

The problems began when two faulty SSL certificates were issued in August 2011 during a software migration.

These were detected in late December, leading to browser vendors Microsoft, Mozilla and Google revoking trust in those certificates. TurkTrust revoked the certificate once it was made available of its status.

It said: “This seems to be a very plausible scenario explaining how the faulty certificate was being generated. This and all other available data strongly suggests that google.com cert was not issued for dishonest purposes or has not been used for such a purpose.”

This article originally appeared at scmagazineuk.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, UK edition
Tags:

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

International Criminal Court hit by cyber attack

International Criminal Court hit by cyber attack

Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks

Log In

  |  Forgot your password?