Chinese Certificate Authority 'mistakenly' gave out SSL Certs for GitHub Domains

A Chinese certificate authority (CA) appeared to be making a significant security blunder by handing out duplicate SSL certificates for a base domain if someone just has control over its any subdomain. The certificate authority, named WoSign, issued a base certificate for the Github domains to an unnamed GitHub user. But How? First of all, do you know, the traditional Digital Certificate

from The Hacker News http://ift.tt/2bwY1BK
via https://ifttt.com/ IFTTT