Comment by codedokode
3 years ago
So should we conclude that SSL cert infrastructure is completely compromised and now any country can issue fake certificates?
3 years ago
So should we conclude that SSL cert infrastructure is completely compromised and now any country can issue fake certificates?
No, there is no reason to jump to such extremes.
There are approximately 10 Tier-1 ISPs through which majority of Internet traffic passes, and unless I misunderstood something, they can issue valid certificates for almost any domain. To me it looks like "completely compromised".
Every CA can issue valid certificates for every domain? And it always has been that way.
2 replies →