The number of mis-issued 1.1.1.1 certificates grows. Here’s the latest.
The discovery of three mis-issued TLS certificates for Cloudflare’s 1.1.1.1 encrypted DNS lookup service has sparked concern among Internet security experts, as it could potentially allow unauthorized decryption of users' DNS queries. Since then, it has been revealed that a total of 12 mis-issued certificates have been identified, with nine additional certificates issued since February 2024. Cloudflare has acknowledged the security lapse by Fina CA, the certificate authority responsible for the mis-issued certificates. The incident highlights the importance of maintaining robust security measures in the issuance of digital certificates.
Ars Technica•