Here’s a theoretical scenario that I came up with recently while playing around with a CDN provider. I’ve noticed that some companies that use Let’s Encrypt to generate customer certificates will put multiple customers’ subdomains on the same certificate (the two that I’ve encountered so far are Sm…

[image] Proving any or all identifier for certificate revocation This situation would meet the bar for administrative revocation by Let’s Encrypt. From Proving any or all identifier for certificate revocation - #4 by cpu

Inability to revoke based on a Subject Alternative Name

Issuance Policy

tdelmas February 27, 2020, 10:54pm 2

From Proving any or all identifier for certificate revocation - #4 by cpu

4 Likes

Topic		Replies	Views
Proving any or all identifier for certificate revocation Issuance Policy	4	940	March 14, 2020
Someone registered a cert for my domain they dont own Help	6	588	February 14, 2024
Revoke certificate generated by a compromised host or DNS Help	12	1066	August 13, 2022
Where come the Alternative Names from? Help	3	472	August 27, 2020
Revoking certificates with different LE Accounts Help	5	208	July 25, 2024

Inability to revoke based on a Subject Alternative Name

Related topics