I just read an article on SANS: DigiNotar breach - the story so far. To be clear: This is not a Microsoft analysis nor any official statement from us. What we have to say is in the advisory: Microsoft Security Advisory (2607712) - Fraudulent Digital Certificates Could Allow Spoofing. It just gives an interesting overview of what happens.
What strikes me is the following fact: In the digital world a 99.9% security that a certificate can be trusted seems not to be enough – we need 100%. If we look at the physical world, we are completely different. I have a Swiss passport, which is highly regarded as a trusted document everywhere I have traveled so far. It is well-known that it is an interesting target as well to create fake Swiss passports because it is well-trusted. We all know that a certain number of passports are faked out there but we still trust them without even thinking twice (except if you work at immigration) for banking, health, whatever. I am still trying to understand where the difference comes from. Why is this the case?
Are you seriously complaining that what happened is acceptable? It seems you're missing the importance of SSL to the web...
@anon think you missed the point.
No, I do not say that it is acceptable. My question is more that we should think about how far we need to have 100% security (which is not achievable anyway) and how we can transfer our experience from the real world.
In the real world, for somebody having a fake passport the punishment in our case is significant, and rightly so. If somebody hacks into a system or exploits vulnerabilities they are not really punished - something which has to change.
However, we should accept the fact that even a high-trust CA might sometimes make mistakes - as a passport issuing agency. I think it is questionable whether a CA shall immediately completely lose the trust because of such an incident. Again, we should take the analogy