Let’s Encrypt discovers CAA bug
Let’s Encrypt announced that it had discovered a bug in its CAA (Certification Authority Authorization) code.The bug opens up a window of time in which a certificate might be issued even if a CAA record in that domain’s DNS should prohibit it.As a result, Let’s encrypt is taking security and safety...