This seems to be just a way to generate a wildcard cert with a custom CA with many layers of subdomain? At first I thought it was an exploit that meant it was accepted out of the box on all browsers, which would have been concerning.
It wasn't my intent to imply that. However, it would be possible for a trusted CA to issue a certificate like this, which would allow anyone holding it to intercept any SSL traffic without raising alarms.
9 comments
[ 3.1 ms ] story [ 31.1 ms ] thread