Sorry for being ignorant here - I have not even been aware that it is possible to buy a '*.*.com' domain at all.
I though wildcards were limited to having a domain off a TLD - like '*.mydomain.tld'. Is it true that the my browser on a windows, mac, or linux desktop may have listed as trusted authorities, an outfit that sells '*.*.tld' ? Thanks, - Mike On Sep 9, 2011, at 2:54 PM, Paul wrote: > On 09/09/2011 11:48 AM, Marcus Reid wrote: >> On Wed, Sep 07, 2011 at 09:17:10AM -0700, Network IP Dog wrote: >>> FYI!!! >>> >>> http://seattletimes.nwsource.com/html/microsoftpri0/2016132391_microsoft_dee >>> ms_all_diginotar_certificates_untrust.html >>> >>> Google and Mozilla have also updated their browsers to block all DigiNotar >>> certificates, while Apple has been silent on the issue, a emblematic zombie >>> response! >> Apple has sent out a notification saying that they are removing >> DigiNotar from their list of trusted root certs. >> >> I like this response; instant CA death penalty seems to put the >> incentives about where they need to be. >> >> Marcus >> > Instant? This has been going on for over a week, and a lot of damage could > have been done in that time, especially given certs for *.*.com were signed > against Diginotar. Most cell phones are unable to update their certificates > without an upgrade and you know how long it takes to get them through Cell > Phone carriers. A number of alternative android builds are adding the > ability to control accepted root certs to their builds in the interest of > speeding this up. The CA system is fundamentally flawed. > > Paul >