Hacker News new | comments | show | ask | jobs | submit login

FWIW, I always try to remove the CNNIC root cert from my setups. It's not that hard to do (except for iOS devices) and I have never had an issue since I don't frequent sites that would be signed by CNNIC.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact