Google calls for halting use of WHOIS for TLS domain verificationsThreat actors can exploit WHOIS data verification to fraudulently obtain TLS certificates, prompting calls for a reevaluation of verification practices.
Rogue WHOIS server gives researcher superpowers no one should ever haveThe acquisition of an expired domain allowed security researcher Benjamin Harris to demonstrate significant vulnerabilities within WHOIS registration and TLS certificate processes.
Google calls for halting use of WHOIS for TLS domain verificationsThreat actors can exploit WHOIS data verification to fraudulently obtain TLS certificates, prompting calls for a reevaluation of verification practices.
Rogue WHOIS server gives researcher superpowers no one should ever haveThe acquisition of an expired domain allowed security researcher Benjamin Harris to demonstrate significant vulnerabilities within WHOIS registration and TLS certificate processes.
Microsoft hits snooze again on security certificate renewalMicrosoft encountered issues with expired TLS certificates causing security warnings.