Gandalf_The_Grey
Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
- Apr 24, 2016
- 7,260
On Wednesday millions of Transport Layer Security certificates will be revoked because of a Certificate Authority Authorization bug.
Popular free certificate authority Let’s Encrypt said it will revoke 3 million Transport Layer Security (TLS) certificates Wednesday, because of a Certificate Authority Authorization (CAA) bug. The move could mean that millions of websites and machine identities that rely on those certificates to protect sensitive data flow could be identified as insecure, or rendered unavailable.
Certificate users contacted by Threatpost said they were notified of the revocation Tuesday and given 24 hours to resolve the issue. Certificates will be revoked March 4, 9:00 p.m. EST.
“I manage 200 domains across 20 servers and have until the end of the day to fix the problem,” said Mark Engelhardt, IT consultant with Intuitive Engineering, in Montpelier, Vt. “Let’s Encrypt did not handle this in an ideal fashion at all.”
Popular free certificate authority Let’s Encrypt said it will revoke 3 million Transport Layer Security (TLS) certificates Wednesday, because of a Certificate Authority Authorization (CAA) bug. The move could mean that millions of websites and machine identities that rely on those certificates to protect sensitive data flow could be identified as insecure, or rendered unavailable.
Certificate users contacted by Threatpost said they were notified of the revocation Tuesday and given 24 hours to resolve the issue. Certificates will be revoked March 4, 9:00 p.m. EST.
“I manage 200 domains across 20 servers and have until the end of the day to fix the problem,” said Mark Engelhardt, IT consultant with Intuitive Engineering, in Montpelier, Vt. “Let’s Encrypt did not handle this in an ideal fashion at all.”
Let's Encrypt to Revoke Millions of TLS Certs
On Wednesday millions of Transport Layer Security certificates will be revoked because of a Certificate Authority Authorization bug.
threatpost.com