Hacker News new | ask | show | jobs
by amfsn 2516 days ago
Then PayPal has the data and LE can follow the trail. Because it's about LE being able to tell who actually bought the certificate, telling me end users can't do that is kinda moving the goalposts.
1 comments
pilsetnieks 2516 days ago
There are certificate authorities all over the world, and many of them not in jurisdictions that would share data with your law enforcement.
link
logifail 2516 days ago
Q1: What kinds of serious crimes involve law inforcement needing to chase up who's behind the purchase of a SSL certificate, anyway?

Q2: Can't the bad guys just buy a pre-paid debit card with cash if they're that desperate to cover their tracks?

link