Quantcast

VeriSign dead cert causes net instability.

January 11, The Register

The expiration of one of VeriSign's master digital certificates on Wednesday, January 7, created confusion for Net users and glitches to the operation of some applications, notably Norton Anti−Virus (NAV). After the cert VeriSign used to sign other certs expired, the chain of trust was broken, leaving some aps unable to set up a secure connection. These apps then defaulted to trying to access Verisign's certificate revocation list server which, faced with a huge extra load, buckled under the pressure. Essentially, where there are problems, traffic needs to be directed to a new Global Server Intermediate Root CA. Users of Java aps and older IE browsers were affected by the issue but NAV users were worst affected. NAV Users saw their computers slow to a crawl and Microsoft office applications not starting properly because of the problem.

Verisign has posted an advisory on the problem at the following Website detailing server updates needed to resolve application instability:
http://verisign.com/support/vendors/exp−gsid−ssl.html.

Source:
http://www.securityfocus.com/news/7790