Angels of security

Posts Tagged ‘pki’

wildcard certificates security

Sunday, July 25th, 2010

In the previous post I mentioned multi-domain certificates but not wildcard certificates as a solution to the problem. The reason I didn’t mention wildcard certificates is because they have their own inherent security risks. If one subdomain is compromised, all subdomains may be compromised. (Verisign even states this clearly on their page on wildcard certificates.)

Tags: certificates, pki
Posted in cryptography | Comments Off

About this blog

This is not your normal information security blog. This blog is where I vent and struggle against the standards of infosec orthodoxy (wow - I can't even believe there is such a thing). If you're looking for a place to just get the standard security professional line on everything then this is not the place for you. This is a place to read the opinions (and I have many) of someone who often disagrees with standard conventions and isn't afraid to say so.