Chinese root CA issues rogue/fake certificates

• Previous message (by thread): Root and ARPA DNSSEC operational message -- signature validity period
• Next message (by thread): Chinese root CA issues rogue/fake certificates
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.percya.com/2016/08/chinese-ca-wosign-faces-revocation.html

One of the largest Chinese root certificate authority WoSign issued many
fake certificates due to an vulnerability.  WoSign's free certificate
service allowed its users to get a certificate for the base domain if they
were able to prove control of a subdomain. This means that if you can
control a subdomain of a major website, say percy.github.io, you're able to
obtain a certificate by WoSign for github.io, taking control over the
entire domain.

• Previous message (by thread): Root and ARPA DNSSEC operational message -- signature validity period
• Next message (by thread): Chinese root CA issues rogue/fake certificates
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]