Hacker News
by rocqua 2785 days ago
In order for CT to really work, we will need a better way to handle actually distrusting CAs. I think that includes a way for a site to have multiple different certs at the same time, so their one CA isn't a single point of failure.

Without this, we will always be dragging our feet in dropping CA trust, because it will leave some perfectly valid sites shit out of luck.