[Owasp-singapore] The Problem of Issuing Certs For Unqualified Names

Wong Onn Chee ocwong at usa.net
Thu Apr 7 12:11:53 EDT 2011


http://threatpost.com/en_us/blogs/problem-issuing-certs-unqualified-names-040611

I nearly laughed my head off when I read this:

"In the Observatory we have discovered many examples of CA-signed
certificates unqualified domain names. In fact, the most common
unqualified name is 'localhost', which always refers to /your own
computer/! It simply makes no sense for a public CA to sign a
certificate for this private name."

The web of trust inherent for CAs to function is slowly decaying....

-- 

Best Regards
Onn Chee
