Let's Encrypt plugs hole that let miscreants grab HTTPS web certs for strangers' domains

by
from The Register on (#3D5KR)
Story ImageShared hosting oversight bites free SSL/TLS certificate org

Let's Encrypt - a SSL/TLS certificate authority run by the non-profit Internet Security Research Group (ISRG) to programmatically provide websites with free certs for their HTTPS websites - on Thursday said it is discontinuing TLS-SNI validation because it's insecure in the context of many shared hosting providers."

External Content
Source RSS or Atom Feed
Feed Location http://www.theregister.co.uk/headlines.atom
Feed Title The Register
Feed Link https://www.theregister.com/
Feed Copyright Copyright © 2025, Situation Publishing
Reply 0 comments