Mis-issued certificates for 1.1.1.1 DNS service pose a threat to the Internet
7 days ago
- #Cloudflare
- #TLS Certificates
- #Internet Security
- Internet security experts raise concerns over TLS certificates issued for 1.1.1.1, a DNS service by Cloudflare and APNIC.
- Certificates can decrypt DNS over HTTPS queries and may affect services like Cloudflare's WARP VPN.
- Certificates were issued by Fina RDC 2020, a subordinate of Fina Root CA, trusted by Microsoft.
- Microsoft has engaged the certificate authority and plans to block the affected certificates.
- Google and Mozilla confirm Chrome and Firefox never trusted the certificates; Safari also does not list Fina.
- The identity of the organization or person who obtained the certificates remains unknown.