

Further improving digital certificate security - slashdotaccount
http://googleonlinesecurity.blogspot.com/2013/12/further-improving-digital-certificate.html

======
ctz
The web-going public desperately needs a bigger stick with which to hit a CA
which screws up. 'Sudden death' would be a nice idea if the browser vendor
half of CAB could achieve it. A bond held by CAB and forfeited to UNHRC (or
someone) on an event like this would work, too.

CT is a great idea, and the CAs really must pull their collective fingers out
and support it, but only works to detect screw ups after the fact.

