

Ask HN: Why aren't Google, Facebook or Twitter CAs? - niels_olson

It would seem to me that their graphs are stronger predictors of authenticity then government sanctioned ID or financial payments.
======
PebblesHD
It would require a massive investment in infrastructure and licensing to
become a CA that I suspect the major internet firms are unwilling to pay. The
amount of paperwork and day to day management time required to run such an
operation would be massive. In this case, unless the government/other
certifying body is willing to accept current identifiers from these companies,
they gain no benefit from becoming CAs.

~~~
dragonwriter
> It would require a massive investment in infrastructure and licensing to
> become a CA that I suspect the major internet firms are unwilling to pay.

Or they could just invest some of the vast pile of cash that some of them (I'm
looking at you, Google) have lying around, and buy an existing, widely trusted
CA, which would probably be lower-risk than investing in infrastructure and
licensing; they still end up with full control of how the CA _works_ going
forward either way.

~~~
dfc
Why do you think it would be lower risk?

~~~
dragonwriter
> Why do you think it would be lower risk?

Because gaining control of an existing trusted CAs (and, consequently,
existing widely trusted root certificates) gives them built-in reach that
doesn't have to be be grown.

------
tedchs
So, Google _is_ a CA. Check the certificate chain for
[https://www.google.com](https://www.google.com): issued by "Google Internet
Authority G2".

~~~
achernya
More details on [http://pki.google.com/](http://pki.google.com/).

------
michaelchum
Sorry for my ignorance but what is a CA? Here in Canada, CA stands for
Chartered Accountant.

~~~
frigg
CA stands for Certificate Authority in this case.

