

Wednesday’s discovery of three mis-issued TLS certificates for Cloudflare’s 1.1.1.1 encrypted DNS lookup service generated intense interest and concern among Internet security practitioners. Since then, new information and analysis have become available, including the issuance of nine additional certificates since February 2024. This FAQ list is designed to answer questions raised in comments to the story and to provide the latest on what’s known about the incident,

arstechnica.com/information-te…

in reply to Dan Goodin

Remember the old trope about open-source software being more secure because of the many eyes that can review the source code? As we've learned over and over from events such as Heartbleed, many of those eyes don't pay attention. The same dynamic is playing out in the TLS certificate landscape. All browser-trusted certificates are openly published, but stakeholders often don't bother to run automated tools to monitor them, as we see from this incident.