Wednesday’s discovery of three mis-issued TLS certificates for Cloudflare’s 1.1.1.1 encrypted DNS lookup service generated intense interest and concern among Internet security practitioners. The revelation raised the possibility that an unknown entity had obtained the cryptographic equivalent of a skeleton key that could be used to surreptitiously decrypt millions of users’ DNS queries that were encrypted through DNS over TLS or DNS over HTTPS. From there, the scammers could have read queries or even tampered with results to send 1.1.1.1 users to malicious sites.
Since then, new information and analysis have become available, including the issuance of nine additional certificates since February 2024. This FAQ list is designed to answer questions raised in comments to the story and to provide the latest on what’s known about the incident, which Cloudflare said Thursday constituted an “unacceptable lapse in security by Fina CA,” the Microsoft-trusted certificate authority (CA) responsible for all 12 of the mis-issued certificates.
You asked; we answer
Has new information come to light since Wednesday morning?
This articles is written by : Nermeen Nabil Khear Abdelmalak
All rights reserved to : USAGOLDMIES . www.usagoldmines.com
You can Enjoy surfing our website categories and read more content in many fields you may like .
Why USAGoldMines ?
USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.