Is anyone tracking the number of forged certs issued by @startssl? One vuln in one CA puts the whole system at risk:
http://oalmanna.blogspot.in/2016/03/startssl-domain-validation.html …
@AsoomAlma @MalwareJake All we can do at this point is to take @startssl 's word on what verification was happening on the server side.
-
-
@AsoomAlma
@MalwareJake Per@startssl, the only reason the email was accepted was because it was listed in the WHOIS database.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.