Using just a laptop, boffins sniff, spoof and pry – without busting browser padlock https://www.theregister.co.uk/2018/09/06/boffins_break_cas_domain_validation/ … via @theregister
This is a bit misleading. The article is about tricking a CA into issuing a certificate for a domain to somebody other than the owner. It's not about "spoofing certificates" or breaking anything on the crypto level.
-
-
You're right, thanks – we've straightened out the language used in the article. It is the websites being spoofed, not the certificates. https://www.theregister.co.uk/2018/09/06/certificate_authority_dns_validation/ …
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.