|
|
|
|
|
|
by agwa
1107 days ago
|
|
|
They aren't in any root programs. They're just taking certificate requests and relaying them to real CAs, which is why they need to exploit an RCE in the ACME client, since the ACME client wouldn't otherwise be able to complete the validations required by the actual CA. |
|
|