|
|
|
|
|
|
by veidr
3126 days ago
|
|
|
TL;DR for those who forgot the back story: StartCom was a low-cost certificate authority that sold to interests whose web of ownership links back to a telecom owned by the authoritarian government of China. Given the brazen nature of that government's internet surveillance practices, that alone was cause for suspicion, and then Apple, Google, and Microsoft all stopped trusting Startcom-issued certificates after an investigation concluded that WoSign intentionally mis-issued certificates in order to circumvent browser restrictions[1]. So, good riddance. [1]: https://security.googleblog.com/2016/10/distrusting-wosign-a... |
|
|