undefined | Better HN

0 pointslxgr1y ago0 comments

The problem here isn't really that one mis-issued certificate, but rather the general problematic behavior of that CA reported in TFA.

If a CA can be convinced to issue a server certificate for google.com, would you feel very comfortable trusting their contract/deed/... signing certificates?

0 comments

Muromec1y ago

If the government says you need to use their CA, you may feel the feelings, but you will still use them

KetoManx641y ago

What would stop me from purging all this CA's certificates from my computet?

j / k navigate · click thread line to collapse