Y
Hacker News
new
|
ask
|
show
|
jobs
by
richardwhiuk
2806 days ago
Ignoring the Web PKI defaults though is probably a silly idea - e.g. long lived certificates with rubbish hash algorithms, huge certificates, and issuer kept keys are all really bad ideas, in almost any scenario.