(community.letsencrypt.org)

314 points Bogdanp | 1 comments | 25 Jun 25 16:21 UTC | HN request time: 0.405s | source

Show context

0xbadcafebee ◴[25 Jun 25 18:27 UTC] No.44380422[source]▶

Nice, another exploit for TLS. The previous ones were all about generating valid certs for a domain you don't own. This one will be for generating a cert for an IP you don't own. The blackhats will be hooting and hollering on telegram :)

replies(1): >>44385289 #

1. jeroenhd ◴[26 Jun 25 08:15 UTC] No.44385289[source]▶

>>44380422 #

IP certificates have been a thing for many years now. The only change is that Let's Encrypt now also provides them.

↑

Getting ready to issue IP address certificates