by hansjorg 4450 days ago
It's an awfully sketchy business model. Like inverse insurance.

That's not the issue though. Most people are not StartCom customers and couldn't care less.

They still care about what that padlock icon signifies, and that's why it's pertinent for large vendors to consider the CA status of StartCom in a situation like this.

1 comment

> It's an awfully sketchy business model. Like inverse insurance.

You mean "Real Life"? If I buy an item from manufacturer X, and it breaks due to a product from manufacturer Y (which almost everyone uses with the product I bought, since it's complementary), it would be nice if manufacturer X would replace the item for free, but it's not sketchy or a dick move if they don't.

No, not at all. That's not how SSL certificate revocation works.

If the certificate is not revoked when compromised, the party harmed may not be the StartCom customer, but anyone still trusting certificates issued by them.

When this is happening on a large scale, considering the CA status of StartCom is certainly due diligence.