EFF says digital certificate signers aren’t doing their job.
SSL certificate providers gain trust by validating the domain names they are signing.
So you might be surprised that they’re signing certificates for domain names that can’t even exist.
Electronic Frontier Foundation dug up over a thousand certificates for domain names attached to non existent top level domain names. Many of these were probably entered in error, but consider “TLDs” such as .trust, .nyc, .services, .seattle, and .college.
Those were all among the list EFF compiled. (The list appears to include some valid TLDs, though.)
EFF suggests that this isn’t a real problem now (other than obvious problems with certificate authorities) but it could be a big issue when some of these non-existent TLDs turn into real TLDs.
Leave a Comment