Hacker News new | ask | show | jobs
by captainmuon 4131 days ago
We should come up with a scheme where certificates are signed by multiple CAs (or you have several cross-linked certificates). If one signature changes but not the others, you know something is wrong [1]. It would be beneficial to use CAs from different political blocks, like one from the US, one from China, and one from the EU, to reduce the risk of collaboration.

Of course, a MITM attacker would just strip all certificates and send only theirs along, so you have to have a way to enforce multiple signatures from different blocks. Maybe a httpss url scheme or something.

[1] Something like: http://security.stackexchange.com/questions/6926/multiple-ca...
1 comments
smoyer 4131 days ago
We should come up with a certificate authority that's distributed and based on real trust ... but who do you trust?
link
skuhn 4131 days ago
Not exactly distributed, but it is based on a somewhat different trust model than conventional CAs: https://letsencrypt.org/

It remains to be seen if it actually makes an impact upon launch. It certainly can't replace all the types of certs in use today.

link
ctz 4131 days ago
Let's encrypt is the exact same trust model as conventional CAs selling you a DV certificate. Apart from that, the trust model in the public CA system does not and cannot vary by CA: you trust them all, equally, all the time.
link
skuhn 4131 days ago
Sorry, I meant the nature of the CA as a public benefits corporation that is more open than conventional CAs. Meaning maybe I personally trust them a bit more than Verisign -- although I haven't decided if I do, and really any CA will betray you rather than go to jail on your behalf.

Their certs are indeed the same DV type as always.

link
smoyer 4131 days ago
I'm planning on encrypting all my static sites once letsencrypt is available. I don't pass private data (currently) but if it's free why not?
link
skuhn 4130 days ago
Makes sense to me, and I think this is the future of the web. HTTP will simply cease to be a viable option in the next 3-4 years if cert prices are reduced (or eliminated) and SNI becomes widely available.

Good for Let's Encrypt in taking the initiative to make this happen sooner rather than later.

link