undefined | Better HN

0 pointssigzero11y ago0 comments

I don't think it is dick behavior at all. That has always been their policy. They have no control of the software originating the problem. It is up to them to wave or not but not choosing to doesn't make the anything but a business.

0 comments

Karunamon11y ago

So it's a business. So it's policy. Those are not defenses.

A CA profiting from a vulnerability is a fairly perverse incentive, too.

lotsofmangos11y ago

What else do CAs profit from if it isn't security vulnerabilities?

Their whole purpose is to help with the authentication side of security. They didn't force anyone to use buggy code written by a third party and it is not their fault that many of their customers have gone and done so.

j / k navigate · click thread line to collapse