[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Chinese root CA issues rogue/fake certificates

Subject: Chinese root CA issues rogue/fake certificates
From: bortzmeyer at nic.fr (Stephane Bortzmeyer)
Date: Thu, 1 Sep 2016 12:19:51 +0200
In-reply-to: <[email protected]>
References: <CAB69EHjh+xLBzP+XoEUpo3fRYC_33aQWCEuDZPJc8MtxdshjQg@mail.gmail.com> <CA+E3k91eiwyykLV05fVL89Fd=USe-pzuhFRx4SFaCnuYMYskKA@mail.gmail.com> <CA+E3k923N8JRguG0yfjFg6ZkfhrUxc+CcxwD0Rh9kULgrCvr-Q@mail.gmail.com> <[email protected]>

On Thu, Sep 01, 2016 at 11:36:57AM +1000,
 Matt Palmer <mpalmer at hezmatt.org> wrote 
 a message of 45 lines which said:

> I'd be surprised if most business continuity people could even name
> their cert provider,

And they're right because it would be a useless information: without
DANE, *any* CA can issue a certificate for *your* domain, whether you
are a client or not.

Follow-Ups:
- Chinese root CA issues rogue/fake certificates
  - From: eric.kuhnke at gmail.com (Eric Kuhnke)
- Chinese root CA issues rogue/fake certificates
  - From: george.herbert at gmail.com (George William Herbert)

References:
- Chinese root CA issues rogue/fake certificates
  - From: mpalmer at hezmatt.org (Matt Palmer)

Prev by Date: Chinese root CA issues rogue/fake certificates
Next by Date: Don't press the big red buttom on the wall!
Previous by thread: Chinese root CA issues rogue/fake certificates
Next by thread: Chinese root CA issues rogue/fake certificates
Index(es):
- Date
- Thread