by Strom 3742 days ago
You would soon be left without any CAs. [1] People are pretty stupid when it comes to security, and this includes people working for CAs. There have been cases where the CA private key is publicly accessible to the internet without any password. [2]

--

[1] Yes, plenty of smart people have been advocating moving away from the current CA system. It's fundamentally broken.

[2] A great talk by moxie, filled with horror examples of CAs. The private key example is at 19:20. https://www.youtube.com/watch?v=Z7Wl2FW2TcA

1 comment

Certificate Transparency with mandatory SCT delivery (as with EV certificates) will largely solve¹ the issue of fraudulent or compromised CAs.

¹ As long as you're monitoring CT log servers for anything involving domains you own.

Obligatory reference to my CT monitoring service:

https://ctadvisor.lolware.net/
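An added example to go with the two points in the comment above (mandatory SCT delivery, and monitoring CT logs for your own domains). It is not code from the thread or from ctadvisor: it parses a TLS SignedCertificateTimestampList as laid out in RFC 6962 section 3.3 to count how many distinct logs vouched for a certificate, and then runs the check a CT monitor performs, flagging log entries that name an owned domain but come from an issuer you did not expect. The log IDs, signatures and log entries are constructed sample data (no signature verification is done), and the dict shape of `SAMPLE_ENTRIES` is an assumption made for the example.

```python
import struct
from dataclasses import dataclass


@dataclass
class SCT:
    version: int          # 0 == v1 (RFC 6962)
    log_id: bytes         # SHA-256 of the log's public key, 32 bytes
    timestamp_ms: int     # milliseconds since the Unix epoch
    extensions: bytes
    hash_alg: int         # TLS HashAlgorithm (4 == sha256)
    sig_alg: int          # TLS SignatureAlgorithm (3 == ecdsa)
    signature: bytes


def parse_sct(data: bytes) -> SCT:
    """Parse one SignedCertificateTimestamp; raise ValueError on malformed input."""
    if len(data) < 43:
        raise ValueError("SCT too short")
    version = data[0]
    if version != 0:
        raise ValueError(f"unsupported SCT version {version}")
    log_id = data[1:33]
    (timestamp_ms,) = struct.unpack(">Q", data[33:41])
    (ext_len,) = struct.unpack(">H", data[41:43])
    pos = 43
    extensions = data[pos:pos + ext_len]
    pos += ext_len
    if len(extensions) != ext_len or len(data) < pos + 4:
        raise ValueError("SCT truncated in extensions or signature header")
    hash_alg, sig_alg = data[pos], data[pos + 1]
    (sig_len,) = struct.unpack(">H", data[pos + 2:pos + 4])
    pos += 4
    signature = data[pos:pos + sig_len]
    if len(signature) != sig_len or pos + sig_len != len(data):
        raise ValueError("SCT signature length does not match remaining bytes")
    return SCT(version, log_id, timestamp_ms, extensions, hash_alg, sig_alg, signature)


def parse_sct_list(data: bytes) -> list[SCT]:
    """Parse a SignedCertificateTimestampList: 2-byte total length, then 2-byte-prefixed SCTs."""
    if len(data) < 2 or struct.unpack(">H", data[:2])[0] != len(data) - 2:
        raise ValueError("SCT list length field does not match payload")
    scts, pos = [], 2
    while pos < len(data):
        if pos + 2 > len(data):
            raise ValueError("truncated SCT length prefix")
        (n,) = struct.unpack(">H", data[pos:pos + 2])
        pos += 2
        if pos + n > len(data):
            raise ValueError("truncated SCT")
        scts.append(parse_sct(data[pos:pos + n]))
        pos += n
    return scts


def distinct_logs(scts: list[SCT]) -> set[bytes]:
    """Policies such as Chrome's count SCTs from distinct logs, not SCTs overall."""
    return {s.log_id for s in scts}


def build_sct(log_id: bytes, timestamp_ms: int, signature: bytes) -> bytes:
    """Serialise a v1 SCT with no extensions; used here only to construct sample data."""
    return (bytes([0]) + log_id + struct.pack(">Q", timestamp_ms) + struct.pack(">H", 0)
            + bytes([4, 3]) + struct.pack(">H", len(signature)) + signature)


def build_sct_list(raw_scts: list[bytes]) -> bytes:
    inner = b"".join(struct.pack(">H", len(s)) + s for s in raw_scts)
    return struct.pack(">H", len(inner)) + inner


def covers(owned: str, dns_name: str) -> bool:
    """True if a certificate DNS name (possibly '*.x') is the owned domain or lies under it.
    Matching is on label boundaries, so 'notexample.com' never matches 'example.com'."""
    owned = owned.lower().rstrip(".")
    name = dns_name.lower().rstrip(".")
    if name.startswith("*."):
        name = name[2:]  # a wildcard under example.com is still about example.com
    return name == owned or name.endswith("." + owned)


def unexpected_issuances(entries, owned_domains, expected_issuers):
    """Return (issuer, names) for each entry naming an owned domain from an unexpected CA."""
    hits = []
    for e in entries:
        names = [n for n in e["dns_names"] if any(covers(d, n) for d in owned_domains)]
        if names and e["issuer"] not in expected_issuers:
            hits.append((e["issuer"], names))
    return hits


# Constructed sample data: fake log IDs, a fake signature blob, and invented log entries.
LOG_A = bytes([0xA1]) * 32
LOG_B = bytes([0xB2]) * 32
FAKE_SIG = b"\x30\x06\x02\x01\x01\x02\x01\x01"
SAMPLE_SCT_LIST = build_sct_list([
    build_sct(LOG_A, 1_700_000_000_000, FAKE_SIG),
    build_sct(LOG_B, 1_700_000_001_000, FAKE_SIG),
])
SAMPLE_ENTRIES = [
    {"issuer": "Example Trusted CA", "dns_names": ["www.example.com", "example.com"]},
    {"issuer": "Some Other CA", "dns_names": ["*.example.com"]},
    {"issuer": "Some Other CA", "dns_names": ["notexample.com"]},
]

if __name__ == "__main__":
    scts = parse_sct_list(SAMPLE_SCT_LIST)
    print(f"{len(scts)} SCTs from {len(distinct_logs(scts))} distinct logs")
    for issuer, names in unexpected_issuances(SAMPLE_ENTRIES, ["example.com"], {"Example Trusted CA"}):
        print(f"ALERT: {issuer} issued for {names}")
```

In a real monitor the entries would come from the logs themselves (or an aggregator) and each SCT's signature would be verified against the log's public key before it counts; the parser above deliberately rejects every length mismatch rather than reading past a field, since SCT lists arrive from the peer in the TLS handshake.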