
Having the US Department of Defense be able to forge certificates for every site world-wide, in every major browser - out of the box - might be a little too much, even with the CA system as broken as it is.

On the other hand, if you run your own CA and mostly care about your own users - using a cert signed by your own CA makes sense - to a certain extent.




I think the question was "why aren't they running this public website with a cert signed by a widely trusted CA"?


Well it is widely trusted by everyone on NIPRnet...

So TLS (X.509) only allows serving a single certificate. You have to choose to serve one trusted by people you need not to be hacked (your own CA) or a commercial one to reduce in general the likelihood of being hacked. I can see why they chose the first option.

Obviously if websites were not signed by one of the 'root trust' paths but by several, and the reputation of each of those trust paths, and the host itself, was tracked in a decentralised secure database where trust was built over time, that would be better.

Oops, I just suggested blockchain snake oil would solve something.



