Yesterday afternoon, the WeChat group ( click to join ) was discussing and sharing this article Spring Boot's detailed process of configuring HTTPS .
Then a group of friends jumped out and complained: Stop engaging in HTTPS, when the time comes, you will be sanctioned together, and the following tweets are sent:
Scott Helme, who posted the tweet, is a hacker, founder of Security Headers and Report Uri, author of Pluralsight, and BBC Hacker-in-Residence.
He said CAs now appear to be stopping issuing certificates for Russian domains and even revoking certificates that have been issued for Russian domains before. At the same time, he also gave a report on the revoked certificate:
For example, this is a Russian bank: https://crt.sh/?id=5828347935 Interested friends can go to study, and these:
https://crt.sh/?id=5828347935
https://crt.sh/?id=6218871547
https://crt.sh/?id=4582341817
https://crt.sh/?id=2713661323
If this is also part of the sanctions, it will definitely have a big impact on current Internet applications, and maybe it will really become one of the risks. DD here is a casual question, does your current system have the ability to quickly switch between HTTP and HTTPS?
Since I didn't seem to see the relevant sanctions statement recently, DD went to find this tweet again and found that there was another one in the reply:
The authors say that while instances of certificate revocation have been found, there is no indication yet that this is related to sanctions.
Therefore, it is still unclear whether this is sanctions or other reasons. So what do you think about this? Or if you know more information, please leave a message to share.
Welcome to my public account: Programmer DD. Learn about cutting-edge industry news for the first time, share in-depth technical dry goods, and obtain high-quality learning resources
java
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。