Currently browsing tag


It’s Time To Abolish SSL Certificate Authorities

Yet another case this week where unsuspecting users were compromised because a certificate authority that they had never heard of screwed up. In case you hadn't heard, they issued a certificate for (Google!) to somebody other than Google, and apparently that certificate was in fact used to compromise users in Iran. This is not…