Fina Root Ca Signs Certificates for 1.1.1.1
Posted4 months agoActive4 months ago
crt.shTechstory
skepticalnegative
Debate
60/100
Certificate AuthorityCloudflareCybersecurity
Key topics
Certificate Authority
Cloudflare
Cybersecurity
The Fina Root CA issued a certificate for Cloudflare's 1.1.1.1, raising concerns about the CA's trustworthiness and Cloudflare's monitoring practices.
Snapshot generated from the HN discussion
Discussion Activity
Light discussionFirst comment
2d
Peak period
2
84-90h
Avg / period
1.3
Key moments
- 01Story posted
Sep 1, 2025 at 1:23 AM EDT
4 months ago
Step 01 - 02First comment
Sep 3, 2025 at 8:31 AM EDT
2d after posting
Step 02 - 03Peak activity
2 comments in 84-90h
Hottest window of the conversation
Step 03 - 04Latest activity
Sep 4, 2025 at 2:12 PM EDT
4 months ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
Discussion (4 comments)
Showing 4 comments
agwa
4 months ago
1 replyThis CA is trusted only by Microsoft. I and others have reported problematic CAs to Microsoft in the past (though this particular one wasn't on my radar) only for our concerns to be ignored. Mozilla, Chrome, and Apple have actual standards and don't trust CAs like this.
bwesterb
4 months ago
It's also trusted as an EU Trust Service Provider. https://eidas.ec.europa.eu/efda/trust-services/browse/eidas/...
That's basically QWACS.
<ins>Ah, of course you mentioned it in the other thread!</ins>
mcgyver5152011
4 months ago
1 replyShould Cloudflare have been monitoring CT logs to spot this earlier?
bwesterb
4 months ago
We definitely should have, and that is on us. We'll fix it. https://blog.cloudflare.com/unauthorized-issuance-of-certifi...
View full discussion on Hacker News
ID: 45089708Type: storyLast synced: 11/20/2025, 8:56:45 PM
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.