|
|
|
|
|
|
by viraptor
1962 days ago
|
|
|
> Domain names should be a thin wrapper around private/public keypairs. This way anyone who gets access to the keys, even temporarily gets to take over the whole domain. No chance to resolve the issue with a registrar who can manually review the case and revert changes. This would include anyone working on that level of infra in your company and anyone who hacks them. I'm not sure what would you compare the https cert to without a central authority in that case. We tried the web or trust with PGP and it turns out key management is really hard and apart from few geeks nobody's that interested. |
|
|
Agree that nobody cares about this though. I'm certainly not surprised that we settle for easy mediocrity.