Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Yes - I thought this was a cryptographic breakthrough, but it's just people breaking promises.


That, and it demonstrates how bad the default SSL trust model is. If the gmail.com certificate came from Thawte yesterday and comes from the Department of Defense or CNNIC today, your browser will happily accept it without warning.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: