Comodo Issues Eight Forbidden Certificates

November 9, 2015

Certificate authority Comodo admits it incorrectly issued eight certificates that include forbidden internal server names or reserved IP addresses. In 2012, the Certificate Authority/Browser Forum banned the use of such designations for certs issued after Nov. 1, 2015. The decision was meant to cut off a common practice of CAs issuing certificates for internal servers that were not unique and exposed networks to man-in-the-middle attacks and other risks.

Related Posts Let’s Encrypt Hits Another Free HTTPS Milestone October 20, 2015 , 3:30 pm Practical SHA-1 Collision Months, Not Years, Away October 9, 2015 , 10:00 am First Let’s Encrypt Free Certificate Goes Live September 15, 2015 , 3:17 pm Comodo senior research and development scientist Rob Stradling wrote in a post to the CA/B forum that last Thursday it discovered that its CA system had issued the offending certs.

Read full story…