Let’s Encrypt plugs hole that let miscreants grab HTTPS web certs for strangers’ domains

Shared hosting oversight bites free SSL/TLS certificate org

Let’s Encrypt – a SSL/TLS certificate authority run by the non-profit Internet Security Research Group (ISRG) to programmatically provide websites with free certs for their HTTPS websites – on Thursday said it is discontinuing TLS-SNI validation because it’s insecure in the context of many shared hosting providers.…

The Register – Security
Secure Hunter Anti -Malware

The post Let’s Encrypt plugs hole that let miscreants grab HTTPS web certs for strangers’ domains appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2Dc2VBo
Secure Hunter