[Cryptography] Commercial PKI as dog poop
Stephan Neuhaus
stephan.neuhaus at zhaw.ch
Tue May 11 06:06:56 EDT 2021
On 5/10/21 11:23 AM, Peter Gutmann wrote:
> Hat tip to an anonymous contributor: Go to https://www.dogpoopsigns.com and
> look at the certificate. It's actually issued for https://www.smartsign.com,
> but is also valid for www.smartsign.com, [...a bunch of other, unrelated domains]
>
> OK, it's CDN certificate, for which a random jumble of unrelated DNs like this
> is the norm. The unintended dogpoop comedy is a good indication of the state
> of commercial PKI in this area.
>
> Peter.
I've looked at this cert and I'm at a loss. If they can get a jumbo cert
like this from GoDaddy, surely they could also get a bunch of single
certs from letsencrypt. Is it really that much bother to set up certbot?
Fun
Stephan
PS: Now I have to explain to my students why I'm on a domain that sells
dog poop signs. Thanks, I guess!
More information about the cryptography
mailing list