Proof that the CA trust model is fundamentally broken. A certificate issuer, namely Trustico, sends 20k private keys to their mother CA Digicert. By e-mail.https://twitter.com/taviso/status/968930688303968256 …
-
-
If Digicert knew they were doing that, Digicert's CA cert should be revoked. If not, Digicert should just revoke all their resold certs, terminate reseller contract with them, & blacklist the ppl behind it from future reselling deals.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.