Certificate authority GlobalSign has said that it will start bringing its services back online from Monday (12 September).
Earlier this week, GlobalSign issued a statement saying that it took a claim that the ‘Comodo Hacker', Ich Sun, had access to its certificates "very seriously" and added: “As a responsible CA, we have decided to temporarily cease issuance of all certificates until the investigation is complete.”
GlobalSign has now said that it deems this to be "an industry-wide threat due to the mention [by Ich Sun] of multiple CAs". It said it was "adopting a high-threat approach to bringing services back online and working with a number of organisations to audit the process".
It added: “We would like to take the opportunity to explain that the GlobalSign CA root was created offline and always has been offline. Any claim by Comodo Hacker to hold a private key does not refer to the GlobalSign offline root CA. The investigation also continues.”
Following an announcement by Mozilla that it would revoke access in DigiNotar certificates from all of its software, it has now sent communication to its trusted certificate authorities calling on them to conduct security audits to ensure they are not susceptible to counterfeit certificates.
It has given them eight days to confirm their systems are secure from the same type of compromise that hit DigiNotar.
Kathleen Wilson, module owner of Mozilla's CA certificates module, also confirmed that the communication does not go into any details about how a CA should protect their network and servers, and it was not aiming to provide specifics about password best practice.
Wilson said: “To date, the Mozilla CA Certificate Policy has been focused on operations and process regarding certificate issuance and revocation. The annual WebTrust/ETSI audits that we require are also along the same lines. Perhaps we should consider requiring audits more along the lines of network security by experts in intrusion detection?”