(credit: Michael Rosenstein) Last August, after being alerted by GitHub’s security team that the certificate authority WoSign had errantly issued a certificate for a GitHub domain to someone other than GitHub, Google began an investigation in collaboration with the Mozilla Foundation and a group of security professionals into the company’s certificate issuance practices. The investigationĀ uncovered […]
