(community.letsencrypt.org)

320 points Bogdanp | 2 comments | 25 Jun 25 16:21 UTC | HN request time: 0.401s | source

1. richm44 ◴[25 Jun 25 17:40 UTC] No.44379904[source]▶

Time for me to dust off CVE-2010-3170 again? :-)

2. NicolaiS ◴[25 Jun 25 20:38 UTC] No.44381602[source]▶

I guess a bunch of "roll your own X.509 validation"-logic will have that bug, but to exploit it you need a misbehaving CA to issue you such a cert (i.e. low likelihood)

↑

Getting ready to issue IP address certificates