Is anyone tracking the number of forged certs issued by @startssl? One vuln in one CA puts the whole system at risk:
http://oalmanna.blogspot.in/2016/03/startssl-domain-validation.html …
-
-
Replying to @MalwareJake
@MalwareJake@startssl Or did they validate? The email address entered is in the WHOIS database. We may never know..pic.twitter.com/FNOiQLvSDU
2 replies 1 retweet 0 likes
Replying to @MalwareJake
@MalwareJake @startssl The OP either did a horrible job of choosing an email address to demo this all, or the vul doesn't really even exist.
5:59 AM - 22 Mar 2016
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.