Chinese root CA issues rogue/fake certificates
George William Herbert
george.herbert at gmail.com
Thu Sep 1 04:33:18 UTC 2016
> On Aug 31, 2016, at 6:36 PM, Matt Palmer <mpalmer at hezmatt.org> wrote:
>
> there's just waaaay too many sites using WoSign (and StartCom) for the
> CAs' roots to just be pulled. Sad, but true.
Not even. Pull away.
> I'd be surprised if most business continuity people could even name their
> cert provider, and most probably don't even know how certs come to exist or
> that they *can* be made useless on a wide scale by the actions of,
> seemingly, an unrelated third party.
Not in my neck of the woods. If you have a drought of good ones in your area my consulting company calls that an opportunity...
Sent from my iPhone
More information about the NANOG
mailing list