|
|
|
|
|
|
by kristofferR
4132 days ago
|
|
|
It wouldn't be much different than certificate pinning is today, just a crowdsourced version. Sure, the CA system should be replaced altogether, but that's going to take quite some time. In the mean time I think the idea I mentioned could be useful to avoid invisible man-in-the-middle attacks by the CAs. It only requires work by the browser developers, while changing from CAs to something else will take a major effort by everyone who's running a part of the web. |
|
|