/top/
/new/
/best/
/ask/
/show/
/job/
^
slacker news
login
about
←back to thread
A Brazilian CA trusted only by Microsoft has issued a certificate for google.com
(follow.agwa.name)
482 points
sanqui
| 1 comments |
30 Nov 24 21:35 UTC
|
HN request time: 0.204s
|
source
Show context
cjalmeida
◴[
01 Dec 24 01:32 UTC
]
No.
42285429
[source]
▶
>>42284202 (OP)
#
It gets worse. ICP-Brasil, the AC mentioned in the bug reports, the the government run agency responsible for all things related to digital signatures. Digitally signing a contract, a deed, accessing tax returns…
replies(2):
>>42285683
#
>>42286883
#
layer8
◴[
01 Dec 24 02:33 UTC
]
No.
42285683
[source]
▶
>>42285429
#
Unlike web browsers, digital signature use cases should perform revocation checks, so revoking the google.com certificate should solve that.
replies(3):
>>42285783
#
>>42285825
#
>>42292286
#
1.
bawolff
◴[
02 Dec 24 01:38 UTC
]
No.
42292286
[source]
▶
>>42285683
#
Just need to DoS the revocation server right before your digital signature is checked.
ID:
GO
↑