|
|
|
|
|
|
by ctz
4421 days ago
|
|
|
> By using a CA owned by the Swiss government, we ensure the highest security for our users because it is extremely unlikely SwissSign can be coerced into validating another website impersonating us This is a dangerous and insane misunderstanding of the trust relationships work in the public CA system. Any CA can impersonate any site. Your choice of CA has no bearing on your exposure to this risk. (If this were an app or browser extension, you could plausibly pin the right certificate path to only trust SwissSign. But if you can do that, you can just pin your certificate and don't need a CA at all.) |
|
|