Y
Hacker News
new
|
ask
|
show
|
jobs
by
ajnin
2916 days ago
Which "compromises" the key, according to current Certificate Authorities policies. Once again the problem boils down to CAs being the sole "anchors of trust" in the current certificate system.
1 comments
progval
2915 days ago
Then they could have their server tunnel ACME challenges to the device, so the private key never leaves the device, but can still be signed.
link