Hacker Newsnew | comments | show | ask | jobs | submitlogin

And how would we decide to whom to extend the certificate? To whom should we entrust "conversions"?

You are talking around the larger problem, which is a huge one for many extension and app ecosystems (e.g. Google Play, where weak-AI scanners fail to stop malware and spamware).

Mozilla uses community review, which works much better but is of course imperfect, a human thing.

No one that I know of has solved this larger problem. I would be interested in research pointers and tips (not complaints).


Applications are open for YC Summer 2015

Guidelines | FAQ | Support | Lists | Bookmarklet | DMCA | Y Combinator | Apply | Contact