|
|
|
|
|
|
by lupin_sansei
6961 days ago
|
|
|
The Authority provides a way to check the address of a domain name holder and other useful information. It makes it a lot harder for someone to create a spoof domain like https://www.paypa1.com and for Paypal's real address to be displayed in the certificate when you click on it. Basically Verisign and co stake their reputation on checking the details of the certificate applicant. I don't see what's terrible about browser makers trusting certain authorities. It's useful to the user, and there's more than one authority so less chance of abuse. The only alternative is no authorities, or a government bureaucracy issuing them. I don't see how either of those 2 options is superior to the current situation. There's nothing stopping you creating a free Certification Authority, it's just that you'd have to persuade the browser makers to trust you. |
|
|
Because the authorities trust anyone who pays them 20 bucks. THEN, the users trust any site where the address bar turns yellow. Do you see the break in the chain here?