by bawolff 425 days ago
> Issuing a Google certificate is a good way to get your whole CA killed.

Surely what happened here is a good way to get your CA killed? The linked bug seems pretty bad.

2 comments

Less clear on that. Bugs happen. I'm not an expert on browser root policies.
From what I understand, one of the factors is how often things like this happen, and how well they handle it when it does.
Historically, singular domain validation bugs have not killed CAs.