Connect with us

Let's Encrypt Revoking 3 Million TLS Certificates Issued Incorrectly Due to a Bug

Josh

Published

on

Follow
NEWS: Let's Encrypt Revoking 3 Million TLS Certificates Issued Incorrectly Due to a Bug [New Tech News] » Naijacrawl
Photo: Naijacrawl

The most popular free certificate signing authority Let's Encrypt is going to revoke more than 3 million TLS certificates within the next 24 hours that may have been issued wrongfully due to a bug in its Certificate Authority software.




The bug, which Let's Encrypt confirmed on February 29 and was fixed two hours after discovery, impacted the way it checked the domain name ownership before issuing new TLS certificates.


As a result, the bug opened up a scenario where a certificate could be issued even without adequately validating the holder's control of a domain name.


The Certification Authority Authorization (CAA), an internet security policy, allows domain name holders to indicate to certificate authorities (CAs) whether or not they are authorized to issue digital certificates for a specific domain name.

Click Here To Comment




Josh
 

Programmer Read More

Continue Reading
Click to comment

Be first to comment


Leave a Reply

Your email address will not be published. Required fields are marked *

Latest


Download Naijacrawl App today

Fastest way to read on the go

Download the Naijacrawl App.