[cryptography] Let's go back to the beginning on this
marsh at extendedsubset.com
Tue Sep 13 15:10:13 EDT 2011
On 09/13/2011 01:31 PM, Seth David Schoen wrote:
> An example from yesterday was
> which had a valid cert a while ago and then recently stopped. (Their
> HTTPS support was reported to us as working on June 29; according to
> Perspectives, the most recent change apparently happened on September 9.)
They got hacked by LulzSec back in June, their web software was ancient
like a time capsule. IIRC, there were a lot of subject-alt names on that
shared-IP certificate. No doubt the private key was compromised.
It probably took this long to reissue and re-deploy all the sites.
More information about the cryptography