Gregory's ServerThe take away is that when this passes, we should distrust all CA's and verify certificates on important servers another way.
BTW, this attack was already used against a Russian xmpp server at Hetzner. The trust model is fundamentally broken
BTW, this attack was already used against a Russian xmpp server at Hetzner. The trust model is fundamentally broken