undefined | Better HN

0 pointsmangeletti10y ago0 comments

Which is the whole value proposition of a CA. Without this, a website and its clients are vulnerable to MitM attacks.

0 comments

But not vulnerable to passive wholesale eavesdropping that the NSA and likely other worldwide spies agencies have been doing.

If vulnerability to active spying is some sort of consultation prize, then why don't browsers disable CA checks and we can all self-sign?

j / k navigate · click thread line to collapse

0 pointsmangeletti10y ago0 comments

Which is the whole value proposition of a CA. Without this, a website and its clients are vulnerable to MitM attacks.

But not vulnerable to passive wholesale eavesdropping that the NSA and likely other worldwide spies agencies have been doing.

If vulnerability to active spying is some sort of consultation prize, then why don't browsers disable CA checks and we can all self-sign?

j / k navigate · click thread line to collapse