GoDaddy — Does not take down rogue SSL Certificate Requests

GoDaddy, as a root CA, offer a service of issuing SSL certificates on any domain. Although the procedure of issuing a new certificate includes validation with the domain owner, a malicious user is capable of spamming the owners with validation emails, hoping for the owner to accidentally approve the certificate. Attempts to contact GoDaddy’s abuse team or general support have no effect, and the validation emails keep coming in.

More information provided on Security.StackExchange article: https://security.stackexchange.com/questions/258014/reporting-a-root-ca-non-compliance

Leave a Reply

Your email address will not be published. Required fields are marked *

The maximum upload file size: 100 MB. You can upload: image, audio, video, document, spreadsheet, interactive, text, archive, code, other. Links to YouTube, Facebook, Twitter and other services inserted in the comment text will be automatically embedded. Drop file here