ZDNet

Let's Encrypt disables TLS-SNI-01 validation

Let's Encrypt has disabled TLS-SNI-01 validation after the discovery of an attack able to hijack certificates using the protocol. The certificate authority, which offers free SSL and TLS certificates ...
Bleeping Computer

Cloudflare Improves Privacy by Encrypting the SNI During TLS Negotiation

Cloudflare announces today support for encrypted Server Name Indication, a mechanism that makes it more difficult to track user's browsing. A web server can host multiple websites, with all of them ...
Infosecurity-magazine.com

Let's Encrypt Flaw Allowed Hackers to Hijack Certificates

The organization behind Let’s Encrypt has moved quickly to fix a vulnerability which could have allowed attackers to obtain certificates for domains they did not own. The Certificate Authority (CA), ...