Mozilla and Microsoft said Thursday they are revoking trust in all certificates issued by Digicert, a Malaysian intermediate certificate authority, after it was found that it had issued 22 certificates with weak 512 bit keys and missing certificate extensions and revocation information.
The Malaysian company was issued an intermediate CA certificate in July, 2010 by Entrust, which was licensed for distribution with SSL (Secure Sockets Layer) and S/MIME (Secure/Multipurpose Internet Mail Extensions) certificates.

Entrust said in a bulletin on its website that it had been discovered that Digicert Malaysia has issued certificates with weak 512 bit RSA keys and missing certificate extensions. Entrust has revoked the 512 bit certificates issued by Digicert and made them available to major browser vendors to blacklist if found appropriate, it added.

The link for this article located at Tech World is no longer available.