I was investigating an MITM today where the attacker was using a real Let's Encrypt certificate. This was possible because an NS record domain expired and was re-registered by the attacker.
A few weeks ago there was also the jabber.ru MITM issue, where a valid LE cert had also been issued.
Both of these attacks could have been avoided by using CAA account pinning.
You should add this on all domains today!
For an example, see the CAA record for bornhack.dk: https://caatest.co.uk/bornhack.dk
Spread the word!
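Added example (not part of the post above, and not Let's Encrypt's own code): a small model of how a CA evaluates CAA records that carry RFC 8657 account pinning, so you can see why an attacker holding a different ACME account is refused even though the CA itself is allowed. The zone data is constructed, and the account URI is a placeholder rather than a real Let's Encrypt account; your real one is the `Location` returned when you registered your ACME account.

```python
"""Evaluate CAA records with account pinning (RFC 8659 + RFC 8657).

Added example: models how a CA decides whether it may issue for a name,
given the name's CAA records, the CA's issuer-domain, the requesting ACME
account URI and the validation method used. The zone below is constructed
and the account URI is a made-up placeholder, not a real account.
"""
from dataclasses import dataclass

KNOWN_TAGS = {"issue", "issuewild", "iodef"}
CRITICAL = 128  # RFC 8659 s4.1 "issuer critical" flag bit


@dataclass
class CAA:
    flags: int
    tag: str
    value: str


def parse_caa(rdata: str) -> CAA:
    """Parse CAA presentation format: '<flags> <tag> "<value>"'."""
    flags, tag, value = rdata.split(None, 2)
    return CAA(int(flags), tag.lower(), value.strip().strip('"'))


def parse_issue_value(value: str):
    """Split an issue/issuewild value into (issuer_domain, {param: value}).

    RFC 8657 parameters: accounturi (exact-match ACME account URL) and
    validationmethods (comma-separated list of permitted ACME challenges).
    """
    fields = [f.strip() for f in value.split(";")]
    issuer = fields[0].lower()
    params = {}
    for field in fields[1:]:
        if not field:
            continue
        key, _, val = field.partition("=")
        params[key.strip().lower()] = val.strip()
    return issuer, params


def caa_permits(records, issuer_domain, account_uri, method, wildcard=False) -> bool:
    """Return True if this CA / ACME account / challenge may issue.

    No relevant records means no restriction (RFC 8659 s4). For wildcard names
    issuewild records take precedence; with none present, issue records apply.
    """
    # An unknown tag with the critical flag set forbids issuance outright.
    if any(r.flags & CRITICAL and r.tag not in KNOWN_TAGS for r in records):
        return False

    relevant = [r for r in records if r.tag == "issuewild"] if wildcard else []
    if not relevant:
        relevant = [r for r in records if r.tag == "issue"]
    if not relevant:
        return True  # no CAA policy for this property: anyone may issue

    for r in relevant:
        issuer, params = parse_issue_value(r.value)
        if issuer != issuer_domain.lower():
            continue  # ';' (empty issuer) matches nobody, so it forbids everyone
        pinned = params.get("accounturi")
        if pinned is not None and pinned != account_uri:
            continue  # right CA, wrong ACME account: the attacker's situation
        methods = params.get("validationmethods")
        if methods is not None and method not in [m.strip() for m in methods.split(",")]:
            continue
        return True
    return False


def unpinned_issuers(records):
    """List issue/issuewild entries that name a CA without an accounturi."""
    out = []
    for r in records:
        if r.tag in ("issue", "issuewild"):
            issuer, params = parse_issue_value(r.value)
            if issuer and "accounturi" not in params:
                out.append((r.tag, issuer))
    return out


# Constructed zone data; the account URI is a placeholder, not a real account.
MY_ACCOUNT = "https://acme-v02.api.letsencrypt.org/acme/acct/12345"
PINNED_ZONE = [parse_caa(line) for line in (
    f'0 issue "letsencrypt.org; accounturi={MY_ACCOUNT}; validationmethods=dns-01"',
    '0 issuewild ";"',
    '0 iodef "mailto:hostmaster@example.com"',
)]
UNPINNED_ZONE = [parse_caa('0 issue "letsencrypt.org"')]

if __name__ == "__main__":
    attacker = "https://acme-v02.api.letsencrypt.org/acme/acct/99999"
    print("owner, dns-01:     ", caa_permits(PINNED_ZONE, "letsencrypt.org", MY_ACCOUNT, "dns-01"))
    print("attacker, dns-01:  ", caa_permits(PINNED_ZONE, "letsencrypt.org", attacker, "dns-01"))
    print("unpinned, attacker:", caa_permits(UNPINNED_ZONE, "letsencrypt.org", attacker, "http-01"))
    print("unpinned issuers:  ", unpinned_issuers(UNPINNED_ZONE))
```

The `unpinned_issuers` helper is the check to run over your own zones: any `issue` or `issuewild` entry that names a CA without `accounturi` still lets anyone with an account at that CA request a certificate once they control your DNS or HTTP validation path. A real CA also looks up CAA on parent names when the leaf has none; this model evaluates only the record set you hand it.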
GNU social JP is a social network, courtesy of the GNU social JP administrator. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.