Skip to content
Better HN
Top
New
Best
Ask
Show
Jobs
Search
⌘K
0 points
bawolff
11mo ago
0 comments
Share
> Issuing a Google certificate is a good way to get your whole CA killed.
Surely what happened here is a good way to get your CA killed? The linked bug seems pretty bad.
undefined | Better HN
0 comments
default
newest
oldest
tptacek
11mo ago
Less clear on that. Bugs happen. I'm not an expert on browser root policies.
thayne
11mo ago
From what I understand one of the factors is how often things like this happen, and how well they handle it when it does.
agwa
11mo ago
Historically, singular domain validation bugs have not killed CAs.
j
/
k
navigate · click thread line to collapse
