Hacker News new | ask | show | jobs
by lxgr 567 days ago
The problem here isn't really that one mis-issued certificate, but rather the general problematic behavior of that CA reported in TFA.

If a CA can be convinced to issue a server certificate for google.com, would you feel very comfortable trusting their contract/deed/... signing certificates?
1 comments
Muromec 566 days ago
If the government says you need to use their CA, you may feel the feelings, but you will still use them
link
KetoManx64 565 days ago
What would stop me from purging all this CA's certificates from my computet?
link