
Sci-Hub 'Pirate Bay for Science' Security Certs Revoked by Comodo - okket
https://torrentfreak.com/sci-hub-pirate-bay-for-science-security-certs-revoked-by-comodo-ca-180503/
======
fuscy
Doesn't this move seem like it breaches some kind of ethical and moral
guidelines?

It's putting the safety of users at risk just because of a litigation.

I find it akin to denying health checks to a patient that could have a highly
contagious disease which puts everyone coming in contact at risk.

~~~
hd4
>“In response to a court order against Sci-Hub, Comodo CA has revoked four
certificates for the site”

I think they have more pressing concerns than ethics and morals. I'm not
saying I agree btw. I think it's precisely moves like this that will undermine
the concept of security certificates entirely, to the point where no one will
concern themselves with a site having a legit CA certificate or not. Similar
to how cryptocurrency is undermining our precepts of fiat currency. People
will start to feel at some point that it matters more that there _is_ a secure
channel to the site they're using than the certificate authority who tells you
whether that site is legit.

~~~
saurik
But without a CA, the current SSL system (which I agree sucks) does not
actually offer much security: your "secure channel" can be trivially man-in-
the-middle'd.

~~~
hd4
I thought we were all using TLS..

------
Pica_soO
The ultimate strike is still in the making - if you work on university on a
paper and cite another paper- and that university has not subscription to the
original publication- then its only some crooked steps towards implicating
unreachable sources as pirated.

~~~
btrettel
Most universities have interlibrary loan departments to obtain items outside
of the university's holdings. This route would be slower, but it is legal and
I suspect a publisher would have a hard time proving in court that someone
downloaded an article on Sci-Hub rather than used their interlibrary loan
service. Maybe they could get the interlibrary loan request records and check
that, but I do not suspect libraries would hand those records out without good
reason. And I think that is far more effort than your average publisher would
be willing to put in.

Plus, as the other commenter said, citing a paper unfortunately does not mean
that someone has a copy of it.

------
nootropicat
DANE in DNSSEC would solve that. Unfortunately no major browser supports it.

