ocdtrekkie 3 days ago

Are you aware of a single real-world, not theoretical, security breach caused by an unrevoked certificate that lived too long?

woodruffw 3 days ago | parent [-]

A real-world example of this would be Heartbleed, where users rotated without revoking their previously compromised certificates[1].

[1]: https://en.wikipedia.org/wiki/Heartbleed#Certificate_renewal...

ocdtrekkie 2 days ago | parent [-]

Was a single certificate actually compromised and/or used maliciously? I am looking for an actual breach, not a theoretical scenario.

ferngodfather a day ago | parent | next [-]

Based on that Wikipedia article, no. This is just more of the same friendless PKI geeks making the world unnecessarily more complicated. The only other people that benefit are the certificate management companies that sell more software to manage these insane changes.

woodruffw a day ago | parent [-]

Did you read it? There are multiple examples of claimed exploitation right below the section I linked.

ferngodfather a day ago | parent [-]

Which bit talks about stealing a certificate/keys and MITMing traffic with the stolen keys, with real-world ramifications?

woodruffw a day ago | parent | prev [-]

There are multiple examples of service compromise in the linked Wikipedia page.