Happy birthday to Let’s Encrypt !

Huge thanks to everyone involved in making HTTPS available to everyone for free !

  • lud@lemm.ee
    link
    fedilink
    English
    arrow-up
    1
    ·
    3 hours ago

    If one system is somehow compromised, the attacker could effectively impersonate all the systems on your entire domain if they had the wildcard cert. Maybe it’s not a huge deal for individuals but for companies or other organisations it could be extremely dangerous.

    If someone wanted a wildcard cert at work I would be very cautious before I even considered issuing one. Unfortunately there are a few wildcard certs on our domain, but those are from before my time.