[Cryptography] distrusted root CA: WoSign

Georgi Guninski guninski at guninski.com
Sat Oct 1 08:37:20 EDT 2016


On Fri, Sep 30, 2016 at 11:23:17AM -0700, John Denker wrote:
> > Mozilla says it has lost confidence in WoSign's ability to protect 
> > HTTPS system
>

AFAICT, things are more complicated since WoSign bought StartCom and
they have some cross-signatures, possibly to WoSign roots.
So mozilla might have to ditch StartCom too, which will break a lot of
stuff for the lusers.
 


More information about the cryptography mailing list