Skip to content

Commit

Permalink
housekeeping
Browse files Browse the repository at this point in the history
  • Loading branch information
@kansal15
kansal15 committed Aug 16, 2024
1 parent dc030a1 commit 7b1c306
Showing 1 changed file with 8 additions and 8 deletions.
16 changes: 8 additions & 8 deletions 2024/08/epicCAFails.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,15 +80,15 @@ <h3 class="title">June 2024</h3>
<b class="pheader">Entrust Incident March-May 2024 <br> (Google Chrome 127
and higher distrust certificates issued by Entrust roots whose
earliest Signed Certificate Timestamp (SCT) is dated after October
31, 2024)</b>
31, 2024)</b> <br>
Entrust, one of the oldest Certification Authorities (CAs), is in
trouble with Mozilla and other root stores. In the last several years,
going back to 2020, there have been multiple persistent technical
problems with Entrust’s certificates. That’s not a big deal when it
happens once, or even a couple of times, and when it’s handled well. But
according to Mozilla and others, it hasn’t been. Over time, frustration
grew. Promises were made, then broken. Finally, in May, Mozilla compiled
a list of recent issues and asked Entrust to formally respond.
a list of recent issues and asked Entrust to formally respond.<br>
<a href="https://www.feistyduck.com/newsletter/issue_114_entrust_in_trouble"
target="_blank"> Entrust in Trouble </a> <br>
<a href="https://wiki.mozilla.org/CA/Entrust_Issues"
Expand Down Expand Up @@ -120,9 +120,9 @@ <h3 class="title">June 2023</h3>
issuance, resolved the issue, and revoked the affected certificates as
per the Baseline Requirements. To delve into the incident's details,
including the root cause and impact, you can refer to the detailed blog
post available at: <a
href="https://www.agwa.name/blog/post/last_weeks_lets_encrypt_downtime"
target="_blank">https://www.agwa.name/blog/post/last_weeks_lets_encrypt_downtime</a>.
post available at: <br>
<a href="https://www.agwa.name/blog/post/last_weeks_lets_encrypt_downtime"
target="_blank">https://www.agwa.name/blog/post/last_weeks_lets_encrypt_downtime</a>.
</p>
</div>
</div>
Expand All @@ -133,14 +133,14 @@ <h3 class="title">June 2023</h3>
<h3 class="title">June 2023</h3>
<p class="description">
<b class="pheader">HiCA's Unconventional Certificate Obtaining Process
Raises Concerns</b>
Raises Concerns</b> <br>
HiCA, has been found injecting arbitrary code into the certificate
obtaining process, raising questions about its safety and intentions.
The company's deviation from standard ACME protocols and its use of
unconventional practices, including executing remote commands, pose
potential security risks. For more details on the incident and its
impact, refer to the comprehensive analysis in the detailed post: <a
href="https://github.com/acmesh-official/acme.sh/issues/4659"
impact, refer to the comprehensive analysis in the detailed post: <br>
<a href="https://github.com/acmesh-official/acme.sh/issues/4659"
target="_blank">https://github.com/acmesh-official/acme.sh/issues/4659</a>.
</p>
</div>
Expand Down

0 comments on commit 7b1c306

Please sign in to comment.