← Back to context

Comment by codedokode

3 years ago

So should we conclude that SSL cert infrastructure is completely compromised and now any country can issue fake certificates?

No, there is no reason to jump to such extremes.

  • There are approximately 10 Tier-1 ISPs through which majority of Internet traffic passes, and unless I misunderstood something, they can issue valid certificates for almost any domain. To me it looks like "completely compromised".