A security incident involving a mis-issued certificate for Cloudflare's 1.1.1.1 DNS service has exposed a serious vulnerability. We break down how an obscure Certificate Authority, trusted by Microsoft but not others, left Windows users exposed to a potential man-in-the-middle attack. Join us as we explore the deeper systemic issues at play, from the failure of automated monitoring to the broader pattern of governance failures in the Web PKI. We also discuss why this incident is a critical reminder of the dangers of passive trust and how new regulations like eIDAS 2.0 could make the problem even worse.

Ver todos los episodios