by yarekt 329 days ago
Err what? That certificate may well have been leaked, but because it expired the bank doesn’t consider it an issue, no need to revoke it.

Certificate validity is binary. Either it all is, or it isn’t. This includes “not before”.

3 comments

Not only that, banks are generally pretty diligent about that sort of thing and have enough customers and resources that if their website is misconfigured someone is going to report it immediately and they're going to fix it immediately. Which means that a certificate error on a bank site is suspicious.

Whereas a certificate error on a disused blog is pretty much what you'd expect from a disused blog.

We scream at the expired certificate, yet happily let CloudFlare be an official MitM. How ironic is that? :)

The chance that happened is pretty low. What kind of breach gets old keys but nothing else of note?