Trustico
Company type | Private company |
---|---|
Industry | Internet security, Public key infrastructure |
Headquarters | , |
Trustico is a dedicated
History
The company was founded in 2006 in United Kingdom by Zane Lucas. They gradually spread around the world over the following years. The firm currently operates entirely in the selling of SSL Certificates.[citation needed]
On 22 June 2017 Trustico entered a Partnership with
The company became notable in March 2018, after its CEO transferred the
This was followed by the disclosure of a critical security flaw โ a publicly accessible root shell โ in the Trustico website, after which the website was taken offline.[7][8] The result was that thousands of Trustico customers had their security certificates revoked by DigiCert.[1]
Products
- SSL Certificates
Controversies
Symantec abandonment, 2018
Following
DigiCert and Trustico spat, 2018
On 2 February Trustico sent an email to DigiCert requesting the revocation of all Symantec Certificates - around 50,000 - managed by DigiCert. DigiCert, who had recently acquired Symantec's[12][13][14] CA business denies the request to mass-revoke the certificates. On 25 February DigiCert terminated its contract with Trustico after Trustico said it would seek a legal opinion on the matter.[15]
On 27 February DigiCert released a statement claiming they had received an email from Trustico containing over 23,000 private keys before mass emailing Trustico's customers about the security breach.[4][15]
See also
- Certificate Authority
- Cryptography
- Cyber Security
- HTTP
- HTTPS
- Public Key Certificate
- Public Key Infrastructure
- TLS/SSL
References
- ^ a b c d "23,000 HTTPS certs will be axed in next 24 hours after private keys leak". The Register. Retrieved 11 September 2018.
- ^ "Comodo and Trustico Team Up in Strategic Worldwide Partnership". www.prnewswire.com (Press release). Retrieved 2018-09-24.
- ^ "Strategic global partnership announced between Comodo and Trustico - News @ WebHosting.info". News @ WebHosting.info. 2017-06-23. Retrieved 2018-09-24.
- ^ a b c "23,000 HTTPS certificates axed after CEO emails private keys". 2018.
- ZDNet.
- ^ a b "23,000 Digital Certificates Revoked in DigiCert-Trustico Spat - SecurityWeek.Com". www.securityweek.com. March 2018.
- ^ "Trustico website goes dark after someone drops critical flaw on Twitter". 2018.
- ^ "HTTPS cert flingers Trustico, SSL Direct go TITSUP after website security blunder blabbed". The Register.
- ^ "Chrome's Plan to Distrust Symantec Certificates". Google Online Security Blog. Retrieved 2018-09-24.
- ^ "Trustico abandons Symantec SSL certificates -". Enterprise Times. 2018-02-19. Retrieved 2018-09-24.
- ^ "Trustico Abandons Symantec SSL Certificates". Retrieved 2018-09-24.
- ^ "Distrust of the Symantec PKI: Immediate action needed by site operators". Google Online Security Blog. Retrieved 2018-09-24.
- ^ "Symantec to sell SSL certificate and PKI business to DigiCert". Comodo News and Internet Security Information. 2017-08-03. Retrieved 2018-09-24.
- ^ "Symantec Sells SSL Business to DigiCert for $950M in Cash and 30% Shares". BleepingComputer. Retrieved 2018-09-24.
- ^ a b "23,000 Users Lose SSL Certificates in Trustico-DigiCert Spat". BleepingComputer. Retrieved 2018-09-24.