

Ask HN: Why is there so much mess around SSL certs? - jumper5

...and I do NOT mean just in context of Comodo and DigiNotar issues.<p>* They are at times pretty costly, even when most of the tasks can be automated<p>* The stupidity of wildcard certs -www.domain.tld versus domain.tld<p>* The vendors often have several categories of certs, as if I'm buying Windows Vista<p>* The prices among vendors varies significantly<p>Doesn't all of this, inclusive of the fake certs fiasco, render the whole technology useless. I do realise my exaggeration but heck, I'm frustrated.
======
iwwr
CA certs are currently the only widely available web technology against MITM
attacks. The alternative is to build your own web of trust.

