Comment on Hetzner Server auction worth it?
waigl@lemmy.world 10 months agoWait, they managed to forge Let’s Encrypt certificates? While it explains the attack on TLS (though technically not https as originally claimed, not that it makes much of a difference), that’s even worse…
Darkassassin07@lemmy.ca 10 months ago
If you have control over the host, getting a legit valid cert is trivial.
They’re a hosting company. It wouldn’t take much for them to temporarily have a vps grab some certs for domains that already point at you.
taladar@sh.itjust.works 10 months ago
Technically you don’t even need to have control over the host, just over the data flow to the IP.