{"id":37618,"date":"2022-11-11T16:56:36","date_gmt":"2022-11-11T21:56:36","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=37618"},"modified":"2022-11-11T16:56:36","modified_gmt":"2022-11-11T21:56:36","slug":"an-untrustworthy-tls-certificate-in-browsers","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2022\/11\/11\/an-untrustworthy-tls-certificate-in-browsers\/","title":{"rendered":"An Untrustworthy TLS Certificate in Browsers"},"content":{"rendered":"

Cory Doctorow<\/a> (via Bruce Schneier<\/a>):<\/p>\n

Yesterday, the Washington Post<\/em>’s Joseph Menn published an in-depth investigation into Trustcor<\/a>, a certificate authority that is trusted by default by Safari, Chrome and Firefox:<\/p>

Menn’s report is alarming. Working from reports from University of Calgary privacy researcher Joel Reardon and UC Berkeley security researcher Serge Egelman, Menn presented a laundry list of profoundly disturbing problems with Trustcor[…]<\/p>

[…]<\/p>

Today, learning that the CA-vetting process I’d blithely assumed was careful and sober-sided is so slapdash that a company without a working phone or a valid physical address could be trusted by billions of browsers, I feel like I did when I decided not to fill my opioid prescription.<\/p><\/blockquote>","protected":false},"excerpt":{"rendered":"

Cory Doctorow (via Bruce Schneier): Yesterday, the Washington Post’s Joseph Menn published an in-depth investigation into Trustcor, a certificate authority that is trusted by default by Safari, Chrome and Firefox:Menn’s report is alarming. Working from reports from University of Calgary privacy researcher Joel Reardon and UC Berkeley security researcher Serge Egelman, Menn presented a laundry […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2022-11-11T21:56:39Z","apple_news_api_id":"e82a71e1-f61a-481b-8b5a-42056fa3b91f","apple_news_api_modified_at":"2022-11-11T21:56:39Z","apple_news_api_revision":"AAAAAAAAAAD\/\/\/\/\/\/\/\/\/\/w==","apple_news_api_share_url":"https:\/\/apple.news\/A6Cpx4fYaSBuLWkIFb6O5Hw","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[279,456,31,2185,30,2223,103,48,581,96],"class_list":["post-37618","post","type-post","status-publish","format-standard","hentry","category-technology","tag-firefox","tag-googlechrome","tag-ios","tag-ios-16","tag-mac","tag-macos-13-ventura","tag-safari","tag-security","tag-ssltls","tag-web"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/37618","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=37618"}],"version-history":[{"count":1,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/37618\/revisions"}],"predecessor-version":[{"id":37619,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/37618\/revisions\/37619"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=37618"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=37618"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=37618"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}