Symantec is an unbelievably bad certificate authority.
-
-
This is a HUGE no-no. There are very specific rules certificate authorities must follow to verify that a certificate request is authorized.
-
Even if the certs were only for testing, if a system allows employees to bypass authorization, it will allow attackers to bypass it too.
- 8 more replies
New conversation -
-
-
Im very interested to hear from Symantec how this has happened.This + 2015 event indicates they may not have proper systems in place
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.