Hacker News new | past | comments | ask | show | jobs | submit login

Finally, "there are several dozen CAs and some are really sketchy" becomes a strength, rather than a weakness!

Sketchy CAs that issue certificates to people that don't actually own the domains in question tend to get nuked from the chain of trust very quickly.

Historically, I'd disagree with you, although it is improving with Certificate Transparency monitoring and alerting.

Fair enough, but it's getting better, especially thanks to CT as you point out.

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact