Story

Certificate authorities (CAs) are issuing certificates with broken implementations of the Certificate Authority Authorization (CAA) standard, which could allow unauthorized domains to obtain valid SSL/TLS certificates for a website, compromising its security.