First good argument I see about why the GitHub acquisition is bad.https://twitter.com/ErrataRob/status/1003396869052141568 …
They had to authorize the certificate to be issued to Cloudflare or a similar service, or had to have provided a private key for a certificate already issued. If not, the CA that issued the cert is in violation of CA policy and can/should be removed from trusted CA set.
-
-
Especially now with CT logs, wrongfully issued certs WILL be caught, and someone will be held accountable.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.