top | item 36343468

(no title)

rob-olmos | 2 years ago

Do you have a blog post or writeup on how you discovered that? Thanks!

discuss

agwa|2 years ago

This all happened less than 2 hours ago, but a quick summary is that my Certificate Transparency monitor, Cert Spotter (https://sslmate.com/certspotter) performs various sanity checks on every certificate that it observes. At 15:41 UTC today, I started getting alerts that certificates from Let's Encrypt were failing one particular check. I quickly emailed Let's Encrypt's problem reporting address, and Let's Encrypt promptly suspended issuance so they could investigate. I've lost count of how many CAs I've detected having this particular problem, so perhaps it is time to blog about it (https://www.agwa.name/blog if you're interested).

mardifoufs|2 years ago

That's awesome!! I wonder if let's encrypt runs sanity checks before/after issuing certs too?

conroydave|2 years ago

this is why i will always love hacker news. thank you

toomuchtodo|2 years ago

Curious people contributing to the ongoing functioning of critical systems at scale. Thank you for your effort!

https://xkcd.com/2347/

unknown|2 years ago

[deleted]

mholt|2 years ago

I would love to read a blog of yours with more information.

dopamean|2 years ago

This iso so awesome. Thank you for sharing. I hope you do write about that problem. I'd love to learn something new.

danShumway|2 years ago

I will also throw out a quick vote that I'd be interested in reading a blog post about it.