Sun Microsystems Alerts on Compromised Keys and Cert Issues

A mishap that compromised the integrity of two security keys used by Sun Microsystems is fueling criticism of current methods for scrambling sensitive data and verifying identities on the Web. Sun last week issued a warning that two of its applications' . . . A mishap that compromised the integrity of two security keys used by Sun Microsystems is fueling criticism of current methods for scrambling sensitive data and verifying identities on the Web. Sun last week issued a warning that two of its applications' "certificates" had been compromised after the company inadvertently included certificate numbers in early-stage, or "alpha," code it sent to partners. A certificate verifies the identity of an application's source, in this case Sun.

The alert, posted on Sun's Web site and distributed through security groups, has precipitated criticism from Internet security analysts who say the system for getting the word out about compromised certificates is inadequate.

The link for this article located at News.com is no longer available.