Schrauger's blog » The story of how WoSign gave me an SSL certificate for GitHub


Oh well. And if you’re interested in something more recent,

Proposed Action [...] Mozilla now proposes that new certificates from WoSign and StartCOM should no longer be trusted in their browser. They could reapply for browser inclusion in a year under certain conditions. Existing certificates would still be trusted. This would theoretically allow WoSign to create backdated certificates, however Mozilla announced that if they saw any evidence of this they would immediately distrust all Wosign/StartCOM certificates. [...]