
Say the owner of a website with a self-signed cert fears it might have been compromised, and decides to create a new cert. How is the user supposed to distinguish that from a MITM?


That's what the central hash servers are for. Am I being MITM'd? Well, ignoring a global adversary, the problem is usually local. But CAs don't solve the global problem either.


Wouldn't you have to tell the central servers about each and every site you visited?



