Mis-issued certificates for 1.1.1.1 DNS service pose a threat to the Internet
Mis-issued certificates for 1.1.1.1 DNS service pose a threat to the Internet
arstechnica.com
Mis-issued certificates for 1.1.1.1 DNS service pose a threat to the Internet
The three certificates were issued in May but only came to light Wednesday.
Very interesting, considering one.one.one has DNS CAA configured. I wonder if that works for their DNS over TLS certs. Those have to be signed by IP, right?