Y
Hacker News
new
|
ask
|
show
|
jobs
by
derefr
4450 days ago
Easily: they could get their upstream CA to revoke their own CA cert, and then get another one. All certs signed by the previous StartCom CA-cert would then be considered revoked.