top | item 44597870

(no title)

yarekt | 7 months ago

Err what? That certificate may well have been leaked, but because it expired the bank doesn’t not consider it an issue, no need to revoke it.

Certificate validity is binary. either it all is, or it isn’t. this included “not before”

discuss

AnthonyMouse|7 months ago

Not only that, banks are generally pretty diligent about that sort of thing and have enough customers and resources that if their website is misconfigured someone is going to report it immediately and they're going to fix it immediately. Which means that a certificate error on a bank site is suspicious.

Whereas a certificate error on a disused blog is pretty much what you'd expect from a disused blog.

whydoyoucare|7 months ago

We scream at the expired certificate, yet happily let CloudFlare be an official MitM. How ironic is that? :)

Dylan16807|7 months ago

The chance that happened is pretty low. What kind of breach gets old keys but nothing else of note?