SSL And The Future Of Authenticity

Moving beyond Certificate Authorities

Wednesday, September 28, 2011 Comodo

Web Firm Suspects Iran Hacked Into It

Internet-Security Company Says It Was Tricked Into Authenticating Fake Sites, Opening Access to Data, Not Money

Wall Street Journal, March 15th, 2011

The Damage

★ mail.google.com

★ www.google.com

★ login.yahoo.com

★ login.skype.com

★ addons.mozilla.org

★ login.live.com

“This [attack] was extremely sophisticated and critically executed...it was a very well orchestrated, very clinical attack, and the attacker knew exactly what they needed to do and how fast they had to operate.” -- Melih Abdulhayoglu, Comodo Founder

“All the IPs were from Iran...”

-- Melih Abdulhayoglu, Comodo Founder

cyber

“All of the above leads us to one conclusion only: that this was likely to be a state-driven attack.” -- Melih Abdulhayoglu, Comodo Founder

picture

hack --> war

“What does this mean?”

“How would they use them?”

sslsniff

212.95.136.18 [16/Mar/2011:09:56:03 +0000] “GET http://www.thoughtcrime.org/software/sslsniff/index.html HTTP/1.1” 200 “Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.13 Gecko/20101203 Firefox/3.6.13 ( .NET CLR 3.5.30729; .NET4.0E)”

referrer

“...it was a very well orchestrated, very clinical attack, and the attacker knew exactly what they needed to do and how fast they had to operate.” -- Melih Abdulhayoglu

vs

And more embarrassing Google search referrers...

“SSL protocol mitm howto iptables prerouting”

He just wouldn’t shut up!

“If there were a Secure and Trusted DNS this issue would be a moot point! We need a Secure and Trusted DNS!” -- Melih Abdulhayoglu, Comodo Founder

Comodo admits two more resellers pwned in SSL cert hack

How deep does the rabbit hole go?

The Register, March 30th, 2011

New hack on Comodo reseller exposes private data

And then there were four

The Register, May 24th, 2011

What happened to Comodo?

nothing

“Melih Abdulhayoglu named entrepreneur of the year at RSA 2011.”

problem

A Secure Protocol

• Secrecy

• Integrity

• Authenticity

early 90’s

! information

! e-commerce

! web applications

tiny

< 5 million

> 4 billion

< 10 “secure” sites

> 2 million

intense pressure

4am decisions == javascript

A Secure Protocol

✓ Secrecy

✓ Integrity

‣ Authenticity

A Secure Connection

Client PayPal

A Secure Connection

Attacker

Client PayPal

entirely theoretical

certificates and certificate authorities

“...a bit of a hand wave.”

cyber war

happening every day

login.live.com?

Mike Zussman just asked for it.

Eddy Nigg got mozilla.com ...with no validation

issued “Microsoft Corporation”

SSL-In-A-Box.com

These are the people securing the internet.

State Sponsored?

good news

“total ripoff”

“total ripoff and mostly worthless”

problem?

Campus Berlin-Buch

Westsaechsische Hochschule Zwickau

FIZ CHEMIE Berlin GmbH DFN-CERT Services GmbH

Forschungsverbund Berlin e.V. Humboldt-Universitaet zu Berlin Universitaet Flensburg

T-Systems SfR Deutsche Nationalbibliothek

Hochschule Furtwangen Universitaet Erlangen-Nuernberg T-Systems SfR GmbH

Hochschule Bremerhaven Fachhochschule Flensburg GeoForschungsZentrum Potsdam

Jacobs University Bremen gGmbH Universitaet Erfurt

IFW Dresden e.V. Universitaet Marburg

Universitaet Augsburg Leibniz-Rechenzentrum

Universitaet Muenster IFM-GEOMAR Fachhochschule Landshut

Universitaet Leipzig Fachhochschule Ansbach

HAWK Fachhochschule Hildesheim/Holzminden/Goettingen Hochschule Kempten Rheinische Fachhochschule Koeln gGmbH

Uni-Konstanz Universitaet Stuttgart

Fachhochschule Luebeck Fachhochschule Bielefeld

Universitaet Potsdam Hochschule Anhalt (FH)

Friedrich-Loeffler-Institut

Hochschule Fulda Beuth Hochschule fuer Technik Berlin

Universitaet Ulm Fachhochschule Rosenheim Fachhochschule Ingolstadt Technische Universitaet Berlin

Universitaet Jena Hochschule Biberach IPK Gatersleben Max-Planck-Institut fuer Zuechtungsforschung

Universitaet Mannheim NEC Europe Ltd. Bundesanstalt fuer Wasserbau Fachhochschule Stralsund

Universitaet Dortmund Hochschule Bremen Deutsches Elektronen-Synchrotron DESY Stiftung Tieraerztliche Hochschule Hannover

Technische Fachhochschule Georg Agricola zu Bochum Universitaet Bielefeld Fachhochschule Aachen Otto-Friedrich-Universitaet Bamberg

Fachhochschule Osnabrueck Universitaet Bremen Paedagogische Hochschule Heidelberg Technische Universitaet Braunschweig

Institut fuer Photonische Technologien e.V. Universitaet Bayreuth Universitaet Wuerzburg Universitaet zu Koeln Technische Universitaet Chemnitz

Hochschule fuer Technik und Wirtschaft Berlin Hochschule fuer Technik Stuttgart Universitaet Passau Hochschule fuer Musik und Theater Hannover

Helmholtz-Zentrum fuer Infektionsforschung GmbH Ruhr-Universitaet Bochum Mitteldeutscher Rundfunk Fritz-Haber-Institut der Max-Planck-Gesellschaft Berlin-Brandenburgische Akademie der Wissenschaften

Berufsakademie Sachsen Staatliche Studienakademie Bautzen Max-Planck-Gesellschaft Fachhochschule Giessen-Friedberg Staatliche Hochschule f. Musik u. Darstellende Kunst Stuttgart

Johann Wolfgang Goethe-Universitaet Forschungszentrum Dresden-Rossendorf e.V.

Max-Planck-Institut fuer Biophysik Universitaet zu Luebeck Hochschule fuer Musik und Theater Leipzig

Technische Universitaet Darmstadt Technische Universitaet Hamburg-Harburg Universitaet Kiel Hochschule Darmstadt Heinrich-Heine-Universitaet Duesseldorf

Medizinische Hochschule Hannover Universitaet Osnabrueck Hochschul-Informations-System GmbH Mathematisches Forschungsinstitut Oberwolfach gGmbH

Leibniz-Institut fuer Polymerforschung Dresden e.V. Fachhochschule Augsburg Leuphana Universitaet Lueneburg Paedagogische Hochschule Schwaebisch Gmuend

Regionales Hochschulrechenzentrum Kaiserslautern Deutsches Klimarechenzentrum GmbH Universitaet der Bundeswehr Muenchen Fachhochschule Braunschweig/Wolfenbuettel Zentrum fuer Informationsverarbeitung und Informationstechnik AC CAMERFIRMA S.A. Deutsches Zentrum fuer Luft- und Raumfahrt e.V. (DLR) Hochschule fuer Technik, Wirtschaft und Kultur Leipzig Deutsches Institut fuer Ernaehrungsforschung (DIfE) Max-Planck-Institut zur Erforschung von Gemeinschaftsguetern AC Camerfirma SA CIF A82743287 Helmholtz-Zentrum Berlin fuer Materialien und Energie GmbH Bayerische Staatsbibliothek ESO - European Organisation for Astronomical Research Swisscom AC Camerfirma SA state-institutions Hochschule Mittweida (FH) - University of Applied Sciences Georg-August-Universitaet Goettingen Technische Fachhochschule Berlin Universitaet Hamburg Hochschule Karlsruhe - Technik und Wirtschaft ComSign Ltd. Bank Leumi Le-Israel LTD Konrad-Zuse-Zentrum fuer Informationstechnik Berlin (ZIB) Technische Universitaet Dresden Bibliotheksservice-Zentrum Baden-Wuerttemberg Ludwig-Maximilians-Universitaet Muenchen

AC Camerfirma S.A. ComSign Hochschule fuer Wirtschaft und Umwelt Nuertingen-Geislingen Fachhochschule Oldenburg/Ostfriesland/Wilhelmshaven Forschungszentrum Juelich GmbH Paedagogische Hochschule Ludwigsburg Akademie fuer Lehrerfortbildung und Personalfuehrung Dillingen

Helmut-Schmidt-Universitaet Universitaet der Bundeswehr Hamburg Wissenschaftszentrum Berlin fuer Sozialforschung gGmbH Hochschule Bonn-Rhein-Sieg Universitaet Duisburg-Essen Leibniz-Zentrum fuer Agrarlandschaftsforschung (ZALF) e. V.

Georg-Simon-Ohm-Hochschule f. angewandte Wissenschaften FH Nbg Technische Universitaet Ilmenau Universitaet Regensburg Bundesanstalt f. Geowissenschaften u. Rohstoffe C=TW, O=Government Root Certification Authority

Fachhochschule Weihenstephan DFN-Verein Freie Universitaet Berlin Technische Universitaet Clausthal Microsoft Trust Network 行政院

Hochschule Magdeburg Stendal (FH) Fachhochschule Frankfurt am Main Leibniz-Institut fuer Atmosphaerenphysik

Helmholtz-Zentrum fuer Umweltforschung GmbH - UFZ Deutsches Institut fuer Wirtschaftsforschung e.V. (DIW Berlin) Technische Universitaet Dortmund Hochschule fuer angewandte Wissenschaften - FH Deggendorf C=hk, O=C&W HKT SecureNet CA Class B Leibniz-Institut fuer Analytische Wissenschaften - ISAS - e.V. Hochschule fuer Grafik und Buchkunst Leipzig Hochschule fuer Wirtschaft und Recht Berlin Otto-von-Guericke-Universitaet Magdeburg Wells Fargo WellsSecure Wells Fargo Deutsches Institut fuer Internationale Paedagogische Forschung Universitaet des Saarlandes Gesellschaft fuer Schwerionenforschung mbH (GSI)

VISA Deutsches BiomasseForschungsZentrum gemeinnuetzige GmbH Deutscher Bundestag Martin-Luther-Universitaet Halle-Wittenberg A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH

Serasa S.A. Hochschule fuer angewandte Wissenschaften Fachhochschule Hof Hahn-Meitner-Institut Berlin GmbH Fachhochschule Bonn-Rhein-Sieg

Fachhochschule fuer Technik und Wirtschaft Berlin FernUniversitaet in Hagen Universitaet Greifswald Bauhaus-Universitaet Weimar STIFTUNG PREUSSISCHER KULTURBESITZ Baltimore Ministere education nationale (MENESR) Hochschule fuer angewandte Wissenschaften Fachhochschule Coburg Max-Planck-Institut fuer Gesellschaftsforschung Hochschule Ostwestfalen-Lippe Hochschule fuer Kuenste Bremen

Deutsche Telekom AG, Laboratories Hochschule Mannheim Bundesinstitut fuer Risikobewertung SHECA EUnet International UniTrust První certifikační autorita, a.s. Deutsches Krebsforschungszentrum (DKFZ) Freistaat Sachsen

Leibniz-Institut fuer Plasmaforschung und Technologie e.V. Hochschule Ravensburg-Weingarten Leibniz-Institut fuer Neurobiologie Magdeburg

Echoworx Corporation Fachhochschule Wuerzburg-Schweinfurt Technische Universitaet Bergakademie Freiberg Fachhochschule Erfurt Technische Universitaet Muenchen Halcom Agencia Catalana de Certificacio (NIF Q-0801176-I)

Hochschule fuer Angewandte Wissenschaften Hamburg Hochschule Wismar Hochschule Zittau/Goerlitz Universitaet Rostock

Kath. Universitaet Eichstaett-Ingolstadt Leibniz Universitaet Hannover Universitaet Giessen Fachhochschule Kiel AS Sertifitseerimiskeskus DIRECCION GENERAL DE LA POLICIA Saunalahden Serveri Oy

Fachhochschule Brandenburg Hochschule fuer Gestaltung Karlsruhe Duale Hochschule Baden-Wuerttemberg RWTH Aachen PKI

Helmholtz Zentrum Muenchen Hochschule Heilbronn Fachhochschule Aschaffenburg IZENPE S.A. Consejo General de la Abogacia NIF:Q-2863006I Dhimyotis CBEC Universitaet Kassel NORDAKADEMIE gAG Fachhochschule Neu-Ulm Ministere Education Nationale (MENESR)

Bergische Universitaet Wuppertal Hochschule Esslingen

EDICOM C=hk, O=C&W HKT SecureNet CA Class A Česká pošta, s.p. [IČ 47114983] Universitaet Siegen Universitaet Heidelberg Land Niedersachsen India PKI

Alfred-Wegener-Institut Hochschule Merseburg (FH) Mahanagar Telephone Nigam Limited

Badische Landesbibliothek Technische Fachhochschule Wildau Netrust Certificate Authority 1 Belgacom VAS Latvijas Pasts - Vien.reg.Nr.40003052790 Mahanagar Telephone Nigam Limited National Informatics Centre

TuTech Innovation GmbH Physikalisch-Technische Bundesanstalt Gouv

Fachhochschule Regensburg Bundesamt fuer Kartographie und Geodaesie Buypass AS-983163327 A-Trust ViaCode IZENPE S.A. - CIF A-01337260-RMerc.Vitoria-Gasteiz T1055 F62 S8 Gesellschaft fuer wissenschaftliche Datenverarbeitung Hochschule Ulm service-public gouv agriculture

Fachhochschule Dortmund Hochschule Offenburg Universitaet der Kuenste Berlin Port Autonome de Marseille

admin C=hk, O=C&W HKT SecureNet CA Root Universitaet Bonn Fachhochschule Wiesbaden Hochschule Niederrhein PM/SGDN Ministere en charge des affaires sanitaires et sociales

AOL Time Warner Inc. Hochschulbibliothekszentrum NRW Bundesamt fuer Strahlenschutz Fachhochschule Jena Secteur public Écologie Développement et Aménagement durables

Hochschule Muenchen Fachhochschule Muenster Hochschule Aalen E-CERTCHILE MINEFI Ministère Écologie, Développement et Aménagement durables

Karlsruhe Institute of Technology Universitaet Karlsruhe Charite - Universitaetsmedizin Berlin PTT Post Coventry City Council

Fachhochschule Hannover Deutsches Herzzentrum Berlin Universitaet Freiburg HafenCity Universitaet Hamburg Trustis Limited First Data Digital Certificates Inc. Türkiye Bilimsel ve Teknolojik Araştırma Kurumu - TÜBİTAK B.A.T. Universitaet Tuebingen GESIS Fachhochschule Suedwestfalen POSTA MessageLabs BESSY Fachhochschule Gelsenkirchen

Autoridad Certificadora Raiz de la Secretaria de Economia, OU Ministere de la Justice Autoridad Certificadora de la Asociacion Nacional del Notariado Mexicano, A.C., O Hochschule Amberg-Weiden Deutscher Wetterdienst Paedagogische Hochschule Freiburg

Japan Certification Services, Inc. Deutsche Telekom AG HS-Harz

Fraunhofer Dioezese Rottenburg-Stuttgart Hochschule Neubrandenburg A-Trust Ges. für Sicherheitssysteme im elektr. Datenverkehr GmbH

Government CA/serialNumber TeliaSonera T-Systems Enterprise Services GmbH eSign Australia

Deutsche Post World Net C=AT, ST=Austria, L=Vienna, O=Arge Daten Oesterreichische Gesellschaft fuer Datenschutz/[email protected] CEDICAM Belgium Root CA2 BAH Department of Education and Training FNMT-RCM InfoNotary PLC Servicio de Certificacion del Colegio de Registradores (SCR) Certplus KEYNECTIS E-Telbank Sp. z o.o. Belgium Root CA Government CA CERTINOMIS TÜRKTRUST Bilgi İletişim ve Bilişim Güvenliği Hizmetleri A.Ş. (c) Kasım 2005 GlobalSign Generalitat Valenciana QuoVadis Limited, Bermuda C=SI, O=ACNLB GlobalSign nv-sa Ford Motor Company - Enterprise CA TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı, C Thawte, Inc. TÜRKTRUST Elektronik Sunucu Sertifikası Hizmetleri, C beTRUSTed AURA - Gemini Observatory KIBS AD Skopje QuoVadis Trustlink Schweiz AG

certSIGN Northern Arizona University Mobile Armor Enterprise CA QuoVadis Limited ACE Limited Jabber Software Foundation Nestle Jo Tankers Autoridad de Certificacion Firmaprofesional CIF A62634068/emailAddress StartCom Ltd. Coop Genossenschaft Autoridad de Certificacion Firmaprofesional CIF A62634068 E-ME SSI (RCA) ABB Ltd. Alpha Miami University Migros Disig a.s. ICC-CPI Firmaprofesional S.A. NIF A-62634068 thawte, Inc. E-ME PSI (PCA) BGC-OffSubCA ADMINISTRACION NACIONAL DE CORREOS WISeKey I.CA - Qualified root certificate, O E-ME SI (CA1) Audkenni hf. Ford Motor Company - Enterprise Issuing CA01 DigiNotar B.V. ESG BV An Post Coop Touring Club Suisse (TCS) Giesecke and Devrient Comodo Japan Inc.

C=au, O=SecureNet CA Class B C=au, O=SecureNet CA Root Serasa Etisalat Digicert Sdn. Bhd.

Thawte Consulting ICP-Brasil XRamp Security Services Inc ZF LGPKI C=hk, O=C&W HKT SecureNet CA SGC Root MSFT Thawte Consulting cc agentschap Centraal Informatiepunt Beroepen Gezondheidszorg

C=au, O=SecureNet CA Class A Bechtel Corporation Cybertrust Thawte Consulting (Pty) Ltd. Staat der Nederlanden IPS Certification Authority s.l. ipsCA

InfoCert SpA Certipost s.a./n.v. VeriSign, Inc. Fundacion FESTE CDC KAS BANK N.V. Kas Bank NV Getronics PinkRoccade Nederland B.V. QuoVadis Trustlink BV I.T. Telecom GDT-SubCA-Public Postecom S.p.A. Sun Microsystems Inc Macao Post Telekom-Control-Kommission Digital Signature Trust GDT-EntSubCA-Public Betrusted Japan Co., Ltd. VeriSign Japan K.K. Xcert EZ by DST AffirmTrust U.S. Government Sacred Heart University CA Munich Re Group

Betrusted US Inc Centro Nazionale per l’Informatica nella PA MULTICERT-CA Siemens Issuing CA Class Internet Server V1.0 Unizeto Technologies S.A. VeriSign Trust Network Unizeto Sp. z o.o. American Express Channel Server CA 3 Comodo Limited GTE Corporation Trustwave Holdings, Inc. E-Sign S.A. Microsoft Root Certificate Authority

SwissSign AG TAIWAN-CA.COM Inc. Syncrude Canada Ltd SecureTrust Corporation Ministerie van Defensie Microsoft Corporation

YandexExternalCA Siemens Issuing CA Class STE C=au, O=SecureNet CA SGC Root Hongkong Post Chunghwa Telecom Co., Ltd.

Actalis S.p.A. global FINMECCANICA Microsoft Internet Authority ABA.ECOM, INC. Elektronik Bilgi Guvenligi A.S. 中華電信股份有限公司 LUPKI01 Marks and Spencer Group plc SignKorea ComSign Advanced Security CA TradeSign Cybertrust Japan Co., Ltd. Sempra Energy

Equifax Secure KISA yessign Autoridad Certificadora del Colegio Nacional de Correduria Publica Mexicana, A.C., O TÜRKTRUST Elektronik İşlem Hizmetleri, C TAIWAN-CA DigiCert Inc. GAD eG

Dell Inc. Anthem Inc CrossCert

ANCE Certisign Certificadora Digital Ltda. SAIC KICA Colegio de Registradores de la Propiedad y Mercantiles de España Sociedad Cameral de Certificación Digital - Certicámara S.A.

Cybertrust Inc adidas AG

SECOM Trust.net KBC Group Thawte I.CA - Standard root certificate, O D-Trust GmbH Agencia Notarial de Certificacion S.L. Unipersonal - CIF B83395988 IPS Internet publishing Services s.l. SIA S.p.A. SCEE IPS Seguridad CA SCEE - Sistema de Certificação Electrónica do Estado

Sonera EBG Bilişim Teknolojileri ve Hizmetleri A.Ş. Entidad de Certificacion Digital Abierta Certicamara S.A. National Institute of Informatics Intesa Sanpaolo S.p.A. Cisco Systems

Digital Signature Trust Co. SECOM Trust Systems CO.,LTD. NalcoExternalPolicyCA-1 Secure Business Services, Inc.

Vodafone Group L.L.C. Certicamara S.A. Entidad de Certificacion Deutscher Sparkassen Verlag GmbH Skaitmeninio sertifikavimo centras Japanese Government NetLock Kft. Fuji Xerox Cybertrust, Inc DigiCert Inc NetLock Halozatbiztonsagi Kft. FNMT

ValiCert, Inc. Trusted Secure Certificate Authority Microsec Ltd. Microsoft Root Authority Vaestorekisterikeskus CA Actalis S.p.A./03358520967 Government of Korea

Starfield Technologies, Inc. Servision Inc. Sempra Energy Secure Server CA1 Certeurope IDEACROSS INC. KAGOYA JAPAN Inc. GAD EG

RSA Data Security, Inc. America Online Inc. Wachovia Corporation RSA Security Inc. XiPS Microsoft Secure Server Authority

TaiOne International Ltd. Unicert Brasil Certificadora Positive Software Corporation

MasterCard Worldwide INTEC Communications Inc. The Go Daddy Group, Inc. GLOBE HOSTING CERTIFICATION AUTHORITY

SunGard Availability Services RegisterFly.com, inc.

Earthlink Inc AusCERT

NalcoExternalIssuingCA-1 The USERTRUST Network

SHCRoot Saphety WebSpace-Forum, Thomas Wendt Entrust.net Registry Pro

Network Associates WebSpace-Forum e.K.

RSA Security Inc Accenture Digi-Sign Limited EUNETIC GmbH

O=Mortgage and Settlement Service Trust CA shcica Equifax CENTRAL SECURITY PATROLS CO., LTD.

TC TrustCenter GmbH SCEE - Sistema de Certificação Electrónica do Estado AddTrust Sweden AB Telstra Corporation Limited GoDaddy.com, Inc. Intesa Sanpaolo S.p.A. CA Servizi Esterni MindGenies COMODO CA Limited WoSign, Inc.

Firstserver, Inc. DRS-TEM Wotone Communications, Inc. Register.com SAS

eBiz Networks Ltd SGssl

Comodo CA Limited Configuration, CN OVH SAS

Intel Corporation UGIS S.p.A. TERENA

Google Inc First Data Corporation TDC Internet

Telstra RSS Issuing CA1 Aetna Inc. Entrust, Inc. AddTrust AB

General Electric Company UIS-IntB-CA DigiNotar

NTT DOCOMO, INC. GeoTrust Inc. CNNIC SSL FreeSSL

GeoTrust, Inc. TDC RBC Hosting Center OptimumSSL CA

UIS-IsuB1-CA The Walt Disney Company CA

Jack Henry and Associates, Inc.

Equifax Secure Inc.

GeoTrust Inc

TC TrustCenter for Security in Data Networks GmbH CNNIC

ChainedSSL Nederlandse Orde van Advocaten

The Walt Disney Company Commerce CA

EON

The Walt Disney Company Enterprise CA

Energie-Control GmbH

ARGE DATEN - Austrian Society for Data Protection

ARGE DATEN - Austrian Society for Data Protection and Privacy

e-commerce monitoring GmbH Campus Berlin-Buch

Westsaechsische Hochschule Zwickau

FIZ CHEMIE Berlin GmbH DFN-CERT Services GmbH

Forschungsverbund Berlin e.V. Humboldt-Universitaet zu Berlin Universitaet Flensburg

T-Systems SfR Deutsche Nationalbibliothek

Hochschule Furtwangen Universitaet Erlangen-Nuernberg T-Systems SfR GmbH

Hochschule Bremerhaven Fachhochschule Flensburg GeoForschungsZentrum Potsdam

Jacobs University Bremen gGmbH Universitaet Erfurt

IFW Dresden e.V. Universitaet Marburg

Universitaet Augsburg Leibniz-Rechenzentrum

Universitaet Muenster IFM-GEOMAR Fachhochschule Landshut

Universitaet Leipzig Fachhochschule Ansbach

HAWK Fachhochschule Hildesheim/Holzminden/Goettingen Hochschule Kempten Rheinische Fachhochschule Koeln gGmbH

Uni-Konstanz Universitaet Stuttgart

Fachhochschule Luebeck Fachhochschule Bielefeld

Universitaet Potsdam Hochschule Anhalt (FH)

Friedrich-Loeffler-Institut

Hochschule Fulda Beuth Hochschule fuer Technik Berlin

Universitaet Ulm Fachhochschule Rosenheim Fachhochschule Ingolstadt Technische Universitaet Berlin

Universitaet Jena Hochschule Biberach IPK Gatersleben Max-Planck-Institut fuer Zuechtungsforschung

Universitaet Mannheim NEC Europe Ltd. Bundesanstalt fuer Wasserbau Fachhochschule Stralsund

Universitaet Dortmund Hochschule Bremen Deutsches Elektronen-Synchrotron DESY Stiftung Tieraerztliche Hochschule Hannover

Technische Fachhochschule Georg Agricola zu Bochum Universitaet Bielefeld Fachhochschule Aachen Otto-Friedrich-Universitaet Bamberg

Fachhochschule Osnabrueck Universitaet Bremen Paedagogische Hochschule Heidelberg Technische Universitaet Braunschweig

Institut fuer Photonische Technologien e.V. Universitaet Bayreuth Universitaet Wuerzburg Universitaet zu Koeln Technische Universitaet Chemnitz

Hochschule fuer Technik und Wirtschaft Berlin Hochschule fuer Technik Stuttgart Universitaet Passau Hochschule fuer Musik und Theater Hannover

Helmholtz-Zentrum fuer Infektionsforschung GmbH Ruhr-Universitaet Bochum Mitteldeutscher Rundfunk Fritz-Haber-Institut der Max-Planck-Gesellschaft Berlin-Brandenburgische Akademie der Wissenschaften

Berufsakademie Sachsen Staatliche Studienakademie Bautzen Max-Planck-Gesellschaft Fachhochschule Giessen-Friedberg Staatliche Hochschule f. Musik u. Darstellende Kunst Stuttgart

Johann Wolfgang Goethe-Universitaet Forschungszentrum Dresden-Rossendorf e.V.

Max-Planck-Institut fuer Biophysik Universitaet zu Luebeck Hochschule fuer Musik und Theater Leipzig

Technische Universitaet Darmstadt Technische Universitaet Hamburg-Harburg Universitaet Kiel Hochschule Darmstadt Heinrich-Heine-Universitaet Duesseldorf

Medizinische Hochschule Hannover Universitaet Osnabrueck Hochschul-Informations-System GmbH Mathematisches Forschungsinstitut Oberwolfach gGmbH

Leibniz-Institut fuer Polymerforschung Dresden e.V. Fachhochschule Augsburg Leuphana Universitaet Lueneburg Paedagogische Hochschule Schwaebisch Gmuend

Regionales Hochschulrechenzentrum Kaiserslautern Deutsches Klimarechenzentrum GmbH Universitaet der Bundeswehr Muenchen Fachhochschule Braunschweig/Wolfenbuettel Zentrum fuer Informationsverarbeitung und Informationstechnik AC CAMERFIRMA S.A. Deutsches Zentrum fuer Luft- und Raumfahrt e.V. (DLR) Hochschule fuer Technik, Wirtschaft und Kultur Leipzig Deutsches Institut fuer Ernaehrungsforschung (DIfE) Max-Planck-Institut zur Erforschung von Gemeinschaftsguetern AC Camerfirma SA CIF A82743287 Helmholtz-Zentrum Berlin fuer Materialien und Energie GmbH Bayerische Staatsbibliothek ESO - European Organisation for Astronomical Research Swisscom AC Camerfirma SA state-institutions Hochschule Mittweida (FH) - University of Applied Sciences Georg-August-Universitaet Goettingen Technische Fachhochschule Berlin Universitaet Hamburg Hochschule Karlsruhe - Technik und Wirtschaft ComSign Ltd. Bank Leumi Le-Israel LTD Konrad-Zuse-Zentrum fuer Informationstechnik Berlin (ZIB) Technische Universitaet Dresden Bibliotheksservice-Zentrum Baden-Wuerttemberg Ludwig-Maximilians-Universitaet Muenchen

AC Camerfirma S.A. ComSign Hochschule fuer Wirtschaft und Umwelt Nuertingen-Geislingen Fachhochschule Oldenburg/Ostfriesland/Wilhelmshaven Forschungszentrum Juelich GmbH Paedagogische Hochschule Ludwigsburg Akademie fuer Lehrerfortbildung und Personalfuehrung Dillingen

Helmut-Schmidt-Universitaet Universitaet der Bundeswehr Hamburg Wissenschaftszentrum Berlin fuer Sozialforschung gGmbH Hochschule Bonn-Rhein-Sieg Universitaet Duisburg-Essen Leibniz-Zentrum fuer Agrarlandschaftsforschung (ZALF) e. V.

Georg-Simon-Ohm-Hochschule f. angewandte Wissenschaften FH Nbg Technische Universitaet Ilmenau Universitaet Regensburg Bundesanstalt f. Geowissenschaften u. Rohstoffe C=TW, O=Government Root Certification Authority

Fachhochschule Weihenstephan DFN-Verein Freie Universitaet Berlin Technische Universitaet Clausthal Microsoft Trust Network xE8xA1x8CxE6x94xBFxE9x99xA2

Hochschule Magdeburg Stendal (FH) Fachhochschule Frankfurt am Main Leibniz-Institut fuer Atmosphaerenphysik

Helmholtz-Zentrum fuer Umweltforschung GmbH - UFZ Deutsches Institut fuer Wirtschaftsforschung e.V. (DIW Berlin) Technische Universitaet Dortmund Hochschule fuer angewandte Wissenschaften - FH Deggendorf C=hk, O=C&W HKT SecureNet CA Class B Leibniz-Institut fuer Analytische Wissenschaften - ISAS - e.V. Hochschule fuer Grafik und Buchkunst Leipzig Hochschule fuer Wirtschaft und Recht Berlin Otto-von-Guericke-Universitaet Magdeburg Wells Fargo WellsSecure Wells Fargo Deutsches Institut fuer Internationale Paedagogische Forschung Universitaet des Saarlandes Gesellschaft fuer Schwerionenforschung mbH (GSI)

VISA Deutsches BiomasseForschungsZentrum gemeinnuetzige GmbH Deutscher Bundestag Martin-Luther-Universitaet Halle-Wittenberg A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH

Serasa S.A. Hochschule fuer angewandte Wissenschaften Fachhochschule Hof Hahn-Meitner-Institut Berlin GmbH Fachhochschule Bonn-Rhein-Sieg

Fachhochschule fuer Technik und Wirtschaft Berlin FernUniversitaet in Hagen Universitaet Greifswald Bauhaus-Universitaet Weimar STIFTUNG PREUSSISCHER KULTURBESITZ Baltimore Ministere education nationale (MENESR) Hochschule fuer angewandte Wissenschaften Fachhochschule Coburg Max-Planck-Institut fuer Gesellschaftsforschung Hochschule Ostwestfalen-Lippe Hochschule fuer Kuenste Bremen

Deutsche Telekom AG, Laboratories Hochschule Mannheim Bundesinstitut fuer Risikobewertung SHECA EUnet International UniTrust PrvnxC3xAD certifikaxC4x8DnxC3xAD autorita, a.s. Deutsches Krebsforschungszentrum (DKFZ) Freistaat Sachsen

Leibniz-Institut fuer Plasmaforschung und Technologie e.V. Hochschule Ravensburg-Weingarten Leibniz-Institut fuer Neurobiologie Magdeburg

Echoworx Corporation Fachhochschule Wuerzburg-Schweinfurt Technische Universitaet Bergakademie Freiberg Fachhochschule Erfurt Technische Universitaet Muenchen Halcom Agencia Catalana de Certificacio (NIF Q-0801176-I)

Hochschule fuer Angewandte Wissenschaften Hamburg Hochschule Wismar Hochschule Zittau/Goerlitz Universitaet Rostock

Kath. Universitaet Eichstaett-Ingolstadt Leibniz Universitaet Hannover Universitaet Giessen Fachhochschule Kiel AS Sertifitseerimiskeskus DIRECCION GENERAL DE LA POLICIA Saunalahden Serveri Oy

Fachhochschule Brandenburg Hochschule fuer Gestaltung Karlsruhe Duale Hochschule Baden-Wuerttemberg RWTH Aachen INDIA PKI

Helmholtz Zentrum Muenchen Hochschule Heilbronn Fachhochschule Aschaffenburg IZENPE S.A. Consejo General de la Abogacia NIF:Q-2863006I Dhimyotis CBEC Universitaet Kassel NORDAKADEMIE gAG Fachhochschule Neu-Ulm Ministere Education Nationale (MENESR)

Bergische Universitaet Wuppertal Hochschule Esslingen

EDICOM C=hk, O=C&W HKT SecureNet CA Class A xC4x8CeskxC3xA1 poxC5xA1ta, s.p. [IxC4x8C 47114983] Universitaet Siegen Universitaet Heidelberg Land Niedersachsen India PKI

Alfred-Wegener-Institut Hochschule Merseburg (FH) Mahanagar Telephone Nigam Limited

Badische Landesbibliothek Technische Fachhochschule Wildau Netrust Certificate Authority 1 Belgacom VAS Latvijas Pasts - Vien.reg.Nr.40003052790 Mahanagar Telephone Nigam Limited National Informatics Centre

TuTech Innovation GmbH Physikalisch-Technische Bundesanstalt Gouv

Fachhochschule Regensburg Bundesamt fuer Kartographie und Geodaesie Buypass AS-983163327 A-Trust ViaCode IZENPE S.A. - CIF A-01337260-RMerc.Vitoria-Gasteiz T1055 F62 S8 Gesellschaft fuer wissenschaftliche Datenverarbeitung Hochschule Ulm service-public gouv agriculture

Fachhochschule Dortmund Hochschule Offenburg Universitaet der Kuenste Berlin Port Autonome de Marseille

admin C=hk, O=C&W HKT SecureNet CA Root Universitaet Bonn Fachhochschule Wiesbaden Hochschule Niederrhein PM/SGDN Ministere en charge des affaires sanitaires et sociales

AOL Time Warner Inc. Hochschulbibliothekszentrum NRW Bundesamt fuer Strahlenschutz Fachhochschule Jena Secteur public xC3x89cologie DxC3xA9veloppement et AmxC3xA9nagement durables

Hochschule Muenchen Fachhochschule Muenster Hochschule Aalen E-CERTCHILE MINEFI MinistxC3xA8re xC3x89cologie, DxC3xA9veloppement et AmxC3xA9nagement durables

Karlsruhe Institute of Technology Universitaet Karlsruhe Charite - Universitaetsmedizin Berlin PTT Post Coventry City Council

Fachhochschule Hannover Deutsches Herzzentrum Berlin Universitaet Freiburg HafenCity Universitaet Hamburg Trustis Limited First Data Digital Certificates Inc. TxC3xBCrkiye Bilimsel ve Teknolojik AraxC5x9FtxC4xB1rma Kurumu - TxC3x9CBxC4xB0TAK B.A.T. Universitaet Tuebingen GESIS Fachhochschule Suedwestfalen POSTA MessageLabs BESSY Fachhochschule Gelsenkirchen

Autoridad Certificadora Raiz de la Secretaria de Economia, OU Ministere de la Justice Autoridad Certificadora de la Asociacion Nacional del Notariado Mexicano, A.C., O Hochschule Amberg-Weiden Deutscher Wetterdienst Paedagogische Hochschule Freiburg

Japan Certification Services, Inc. Deutsche Telekom AG HS-Harz

Fraunhofer Dioezese Rottenburg-Stuttgart Hochschule Neubrandenburg A-Trust Ges. für Sicherheitssysteme im elektr. Datenverkehr GmbH

Government CA/serialNumber TeliaSonera T-Systems Enterprise Services GmbH eSign Australia

Deutsche Post World Net C=AT, ST=Austria, L=Vienna, O=Arge Daten Oesterreichische Gesellschaft fuer Datenschutz/[email protected] CEDICAM Belgium Root CA2 BAH Department of Education and Training FNMT-RCM InfoNotary PLC Servicio de Certificacion del Colegio de Registradores (SCR) Certplus KEYNECTIS E-Telbank Sp. z o.o. Belgium Root CA Government CA CERTINOMIS TÜRKTRUST Bilgi İletişim ve Bilişim Güvenliği Hizmetleri A.Ş. (c) Kasım 2005 GlobalSign

Generalitat Valenciana QuoVadis Limited, Bermuda C=SI, O=ACNLB GlobalSign nv-sa Ford Motor Company - Enterprise CA TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı, C Thawte, Inc. TÜRKTRUST Elektronik Sunucu Sertifikası Hizmetleri, C beTRUSTed AURA - Gemini Observatory KIBS AD Skopje QuoVadis Trustlink Schweiz AG

certSIGN Northern Arizona University Mobile Armor Enterprise CA QuoVadis Limited ACE Limited Jabber Software Foundation Nestle Jo Tankers Autoridad de Certificacion Firmaprofesional CIF A62634068/emailAddress StartCom Ltd. Coop Genossenschaft Autoridad de Certificacion Firmaprofesional CIF A62634068 E-ME SSI (RCA) ABB Ltd. Alpha Miami University Migros Disig a.s. ICC-CPI Firmaprofesional S.A. NIF A-62634068 thawte, Inc. E-ME PSI (PCA) BGC-OffSubCA ADMINISTRACION NACIONAL DE CORREOS WISeKey I.CA - Qualified root certificate, O E-ME SI (CA1) Audkenni hf. Ford Motor Company - Enterprise Issuing CA01 DigiNotar B.V. ESG BV An Post Coop Touring Club Suisse (TCS) Giesecke and Devrient Comodo Japan Inc.

C=au, O=SecureNet CA Class B C=au, O=SecureNet CA Root Serasa Etisalat Digicert Sdn. Bhd.

Thawte Consulting ICP-Brasil XRamp Security Services Inc ZF LGPKI C=hk, O=C&W HKT SecureNet CA SGC Root MSFT Thawte Consulting cc agentschap Centraal Informatiepunt Beroepen Gezondheidszorg

C=au, O=SecureNet CA Class A Bechtel Corporation Cybertrust Thawte Consulting (Pty) Ltd. Staat der Nederlanden IPS Certification Authority s.l. ipsCA

InfoCert SpA Certipost s.a./n.v. VeriSign, Inc. Fundacion FESTE CDC KAS BANK N.V. Kas Bank NV Getronics PinkRoccade Nederland B.V. QuoVadis Trustlink BV I.T. Telecom GDT-SubCA-Public Postecom S.p.A. Sun Microsystems Inc Macao Post Telekom-Control-Kommission Digital Signature Trust GDT-EntSubCA-Public Betrusted Japan Co., Ltd. VeriSign Japan K.K. Xcert EZ by DST AffirmTrust U.S. Government Sacred Heart University CA Munich Re Group

Betrusted US Inc Centro Nazionale per l’Informatica nella PA MULTICERT-CA Siemens Issuing CA Class Internet Server V1.0 Unizeto Technologies S.A. VeriSign Trust Network Unizeto Sp. z o.o. American Express Channel Server CA 3 Comodo Limited GTE Corporation Trustwave Holdings, Inc. E-Sign S.A. Microsoft Root Certificate Authority

SwissSign AG TAIWAN-CA.COM Inc. Syncrude Canada Ltd SecureTrust Corporation Ministerie van Defensie Microsoft Corporation

YandexExternalCA Siemens Issuing CA Class STE C=au, O=SecureNet CA SGC Root Hongkong Post Chunghwa Telecom Co., Ltd.

Actalis S.p.A. global FINMECCANICA Microsoft Internet Authority ABA.ECOM, INC. Elektronik Bilgi Guvenligi A.S. 中華電信股份有限公司 LUPKI01 Marks and Spencer Group plc SignKorea ComSign Advanced Security CA TradeSign Cybertrust Japan Co., Ltd. Sempra Energy

Equifax Secure KISA yessign Autoridad Certificadora del Colegio Nacional de Correduria Publica Mexicana, A.C., O TÜRKTRUST Elektronik İşlem Hizmetleri, C TAIWAN-CA DigiCert Inc. GAD eG

Dell Inc. Anthem Inc CrossCert

ANCE Certisign Certificadora Digital Ltda. SAIC KICA Colegio de Registradores de la Propiedad y Mercantiles de España Sociedad Cameral de Certificación Digital - Certicámara S.A.

Cybertrust Inc adidas AG

SECOM Trust.net KBC Group Thawte I.CA - Standard root certificate, O D-Trust GmbH Agencia Notarial de Certificacion S.L. Unipersonal - CIF B83395988 IPS Internet publishing Services s.l. SIA S.p.A. SCEE IPS Seguridad CA SCEE - Sistema de Certificação Electrónica do Estado

Sonera EBG Bilişim Teknolojileri ve Hizmetleri A.Ş. Entidad de Certificacion Digital Abierta Certicamara S.A. National Institute of Informatics Intesa Sanpaolo S.p.A. Cisco Systems

Digital Signature Trust Co. SECOM Trust Systems CO.,LTD. NalcoExternalPolicyCA-1 Secure Business Services, Inc.

Vodafone Group Network Solutions L.L.C. Certicamara S.A. Entidad de Certificacion Deutscher Sparkassen Verlag GmbH Skaitmeninio sertifikavimo centras Japanese Government NetLock Kft. Fuji Xerox Cybertrust, Inc DigiCert Inc NetLock Halozatbiztonsagi Kft. FNMT

ValiCert, Inc. Trusted Secure Certificate Authority Microsec Ltd. Microsoft Root Authority Vaestorekisterikeskus CA Actalis S.p.A./03358520967 Government of Korea

Starfield Technologies, Inc. Servision Inc. Sempra Energy Secure Server CA1 Certeurope IDEACROSS INC. KAGOYA JAPAN Inc. GAD EG

RSA Data Security, Inc. America Online Inc. Wachovia Corporation RSA Security Inc. XiPS Microsoft Secure Server Authority

TaiOne International Ltd. Unicert Brasil Certificadora Positive Software Corporation

MasterCard Worldwide INTEC Communications Inc. The Go Daddy Group, Inc. GLOBE HOSTING CERTIFICATION AUTHORITY

SunGard Availability Services RegisterFly.com, inc.

Earthlink Inc AusCERT

NalcoExternalIssuingCA-1 The USERTRUST Network

SHCRoot Saphety WebSpace-Forum, Thomas Wendt Entrust.net Registry Pro

Network Associates WebSpace-Forum e.K.

RSA Security Inc Accenture Digi-Sign Limited EUNETIC GmbH

O=Mortgage and Settlement Service Trust CA shcica Equifax CENTRAL SECURITY PATROLS CO., LTD.

TC TrustCenter GmbH SCEE - Sistema de Certificação Electrónica do Estado AddTrust Sweden AB Telstra Corporation Limited GoDaddy.com, Inc. Intesa Sanpaolo S.p.A. CA Servizi Esterni MindGenies COMODO CA Limited WoSign, Inc.

Firstserver, Inc. DRS-TEM Wotone Communications, Inc. Register.com GANDI SAS

eBiz Networks Ltd SGssl

Comodo CA Limited Configuration, CN OVH SAS

Intel Corporation UGIS S.p.A. TERENA

Google Inc First Data Corporation TDC Internet

Telstra RSS Issuing CA1 Aetna Inc. Entrust, Inc. AddTrust AB

General Electric Company UIS-IntB-CA DigiNotar

NTT DOCOMO, INC. GeoTrust Inc. CNNIC SSL FreeSSL

GeoTrust, Inc. TDC RBC Hosting Center OptimumSSL CA

UIS-IsuB1-CA The Walt Disney Company CA

Jack Henry and Associates, Inc.

Equifax Secure Inc.

GeoTrust Inc

TC TrustCenter for Security in Data Networks GmbH CNNIC

ChainedSSL Nederlandse Orde van Advocaten

The Walt Disney Company Commerce CA

EON

The Walt Disney Company Enterprise CA

Energie-Control GmbH

ARGE DATEN - Austrian Society for Data Protection

ARGE DATEN - Austrian Society for Data Protection and Privacy

e-commerce monitoring GmbH

650

VeriSign?

20 --> 2,000,000

DHS China

What happened to Comodo?

nothing

What could we have done?

! trust

trustdb -= comodo

ideological

browser vendors

1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011

forever

trust agility

Trust Agility Properties

• A trust decision can be easily revised at any time.

• Individual users can decide where to anchor their trust.

VeriSign Comodo

Facebook

https?

one decision for everyone?

our data, our trust decision

Trust Agility Properties

• A trust decision can be easily revised at any time.

‣ Individual users can decide where to anchor their trust.

[Diagram: PayPal, Authority, User; the final build shows a second Authority]

[Diagram: Baidu, DHS, China, User]

[Diagram: Baidu, DHS, NGO, User]

Trust Agility Properties

★ A trust decision can be easily revised at any time.

★ Individual users can decide where to anchor their trust.

DNSSEC

SSL Cert --> DNS Record

[Diagram: Client, DNS Server; "Lookup paypal.com"; "66.211.169.2 && SSL Certificate"]

distributed

information --> distributed

trust --> centralized

DNSSEC == CA System

Trust Requirements

‣ The Registrars.

• The TLDs.

• The root.

sketchy++

GoDaddy

Trust Requirements

• The Registrars.

‣ The TLDs.

• The root.

.com, .net

VeriSign

.org, .edu

ccTLDs

.io, .cc, .ly?

.ir, .cn?

domain seizures

Trust Requirements

• The Registrars.

• The TLDs.

‣ The root.

ICANN

Global --> California 501(c)(3)

COICA, PROTECT IP, etc...

Trust Requirements

✴ The Registrars.

✴ The TLDs.

✴ The root.

< trust agility

trustdb -= VeriSign

forever

Perspectives

Dan Wendlandt, David G. Andersen, Adrian Perrig, Carnegie Mellon University

perspective

Basic Premise

[Diagram, in successive builds: Client, PayPal; Authority; Notaries; multiple notaries (N)]

“perspective” is not new

The CA Version Of Perspective

[Diagram: VeriSign, PayPal, Site Admin]

invert

user initiated

implementation

limited

self-signed certs

Perspectives Challenges

Completeness

Privacy

Responsiveness

initial connection

! eliminate CAs entirely

Privacy Problems

[Diagram: Notary, Client, PayPal]

notary lag

Notary Lag

[Diagram: Notary, Client, PayPal]

• New Protocol

• New Client Implementation

• New Server Implementation

! notary lag

Responsive: Eliminate Notary Lag

[Diagram: Notary, Client, PayPal]

+ privacy

1) local caching

Local Caching

[Diagram: Notary, Client, PayPal, Local Cache]

Notary Bounce

[Diagram: Client, notaries (N), Bounce]

Convergence : Firefox

+

Convergence: Extensible for the future.

[Diagram: Notary, REST, Client, PayPal; successive builds label the Notary with DNSSEC, CA Signatures, SSL Observatory, Google Catalog]

Multiplicity and Agility

[Diagram: Client, Bounce, notaries (N); labels CA Signatures, DNSSEC, SSL Observatory, Perspective]

Collective Trust

[Diagram: Client, Bounce, notaries (N); labels CA Signatures, DNSSEC, SSL Observatory, Perspective, Consensus, Minority; one build omits CA Signatures and one N]
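The Local Caching and Collective Trust (Consensus / Minority) slides above, as an added Python sketch that is not Convergence's own code: `Notary`, `Client`, `drop_notary` and the certificate bytes are constructed for illustration. It assumes Consensus means every configured notary must vouch for the certificate and Minority means one is enough.

```python
import hashlib

def fingerprint(cert: bytes) -> str:
    """Hash of the certificate bytes; what client and notaries compare."""
    return hashlib.sha256(cert).hexdigest()

class Notary:
    """Offline stand-in for a notary: reports the certificate it sees for a
    host from its own network perspective (hypothetical class)."""
    def __init__(self, name, view):
        self.name, self.view, self.queries = name, view, 0

    def observed(self, host):
        self.queries += 1
        cert = self.view.get(host)
        return fingerprint(cert) if cert is not None else None

class Client:
    """Checks a presented certificate against a user-chosen notary set."""
    def __init__(self, notaries, policy="consensus"):
        self.notaries = {n.name: n for n in notaries}
        self.policy = policy          # "consensus" or "minority" (assumed meanings)
        self.cache = {}               # host -> fingerprint already vouched for

    def drop_notary(self, name):
        # Trust agility: revise the trust set at any time, and forget
        # decisions that were made with the old set.
        del self.notaries[name]
        self.cache.clear()

    def check(self, host, presented_cert):
        fp = fingerprint(presented_cert)
        if self.cache.get(host) == fp:
            return True               # cache hit: no notary is contacted
        votes = [n.observed(host) == fp for n in self.notaries.values()]
        ok = (bool(votes) and all(votes)) if self.policy == "consensus" else any(votes)
        if ok:
            self.cache[host] = fp
        return ok

def demo():
    # Constructed sample data: two byte strings standing in for certificates.
    real, forged = b"constructed real cert", b"constructed forged cert"
    a = Notary("a", {"paypal.com": real})
    b = Notary("b", {"paypal.com": real})
    c = Notary("c", {"paypal.com": forged})   # shares the attacker's network path
    strict = Client([a, b], policy="consensus")
    first = strict.check("paypal.com", real)
    cached = strict.check("paypal.com", real)      # answered from the local cache
    queries_after_cached = a.queries + b.queries
    mitm = strict.check("paypal.com", forged)      # changed cert forces a notary check
    lax = Client([a, b, c], policy="minority")
    fooled = lax.check("paypal.com", forged)       # notary c alone vouches for it
    lax.drop_notary("c")                           # user revises the trust decision
    revised = lax.check("paypal.com", forged)
    return {"first": first, "cached": cached, "mitm": mitm, "fooled": fooled,
            "revised": revised, "queries_after_cached": queries_after_cached}
```

The repeat visit reaches no notary, which is the privacy and responsiveness gain of the local cache; the forged certificate is accepted only while the user keeps the notary that shares the attacker's view.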

Other Nice Things

Servers Do Nothing

!migrate internet

(1) Implement Convergence in the four major browsers.

(2) Be done.

no more self-signed certificate warnings

problems

“citibank problem”

captive portals

http://convergence.io

Leave with this:

Who do I have to trust? ...and for how long?

A prescribed set of people, forever.