Signature Detail

SSL: DigiNotar Certificate Key Negotiation

This signature detects clients negotiating a connection with a server using a certificate issued by DigiNotar. DigiNotar certificates are no longer valid due to a trust compromise. Un-updated web browsers may still attempt a key exchange with these servers, which could result providing information to a party other than the intended recipient (e.g. a faked web site). Despite being updated, Internet Explorer still performs a key negotiation but warns before continuing the connection.

References

• URL: http://www.microsoft.com/technet/security/advisory/2607712.mspx
• URL: http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert