Signing (intermediate) certs have been compromised before. That means a bad actor can issue fake certs that are validated up to your root ca certs
While you can invalidate that signing cert, without useful and ubiquitous revocation lists, there’s nothing you can do to propagate that.
A compromised signing certs, effectively means invalidating the ca cert, to limit the damage
Arghblarg@lemmy.ca 6 days ago
Oh, I’m really just pining for the days before the ‘Eternal September’, I suppose. We can’t go back, I know. :/