Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Nice, another exploit for TLS. The previous ones were all about generating valid certs for a domain you don't own. This one will be for generating a cert for an IP you don't own. The blackhats will be hooting and hollering on telegram :)


IP certificates have been a thing for many years now. The only change is that Let's Encrypt now also provides them.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: