Facebook helps companies detect rogue SSL certificates for domains

Click here to visit Original posting

Facebook has launched a tool that allows domain name owners to discover TLS/SSL certificates that were issued without their knowledge.

The tool uses data collected from the many Certificate Transparency logs that are publicly accessible. Certificate Transparency (CT) is a new open standard requiring certificate authorities to disclose the certificate that they issue.

Until a few years ago, there was no way of tracking the certificates issued by every certificate authority (CA). At best, researchers could scan the entire web and collect those certificates being used on public servers. This made it very hard to discover cases where CAs issued certificates for domain names without the approval of those domains' owners.

To read this article in full or to leave a comment, please click here

Facebook helps companies detect rogue SSL certificates for domains

Intel and AMD won’t like that: Detailed benchmarking of Amazon Graviton4 shows fantastic performance/price — this is the biggest server CPU threat yet to x86 duopoly and it won’t go away

Your old Android phone just got a video boost thanks to a new Blackmagic Camera update

The best Verizon Wireless plans for 2024

X is now using your posts (and more) to train its Grok AI, but there’s something you can do about it