Meep Meep! A story of certificate (un)verification 🔏📜🔍❌
ACME clients seldom check the certificates they receive
This article discusses the lack of certificate checking done by ACMEv2 clients, as well as the lack of provision in the ACMEv2 protocol specification to encourage any checking. This article explores the implications of this, and demonstrate why we should probably being doing some additional checks in our ACMEv2 clients.
The project is called “Meep Meep”, because that’s the sound a roadrunner makes. The author couldn’t think of a cleverer name for something related to ACME.
[Read More]