Certificate cleanup for most personal computers

Susan bradley By Susan Bradley

A little Dutch company potentially lets a flood of problems into our Windows machines.

The company manages digital certificates; after its recent break-in by hackers, security certificates for Mozilla, Yahoo, WordPress, and other sites are now suspect.

On a daily basis, no matter what our level of paranoia, we trust the companies we work with. … Well, at least our browsers and computers do. Inside all computers, both Windows and Mac, is a collection of digital certificates that everyone on the Net has agreed to trust. On Vista and Windows 7 systems, these root certificates (definition) are updated by the issuer automatically. But on Windows XP machines, they’re updated manually.

Companies doing business on the Internet buy certificates linked to a root certificate and automatically become part of the chain of trust. Because your computer trusts the vendor who provided the root certificate, it automatically trusts all online businesses with associated certificates.

This process is the foundation for secure Web transactions such as shopping on Amazon, online-banking, and e-mail.

Many updates after breaks in the chain of trust

Typically, this system works well. But on the rare occasions it fails — when the chain of trust is broken — it can instantly affect thousands of PCs.

This article is part of our premium content. Join Now.

Already a paid subscriber? Click here to login.

= Paid content

All Windows Secrets articles posted on 2011-09-08:

Susan Bradley

About Susan Bradley

Susan Bradley is a Small Business Server and Security MVP, a title awarded by Microsoft to independent experts who do not work for the company. She's also a partner in a California CPA firm.