Hacker News new | ask | show | jobs
by legulere 4139 days ago
I don't know why people trust companies more than governments. Both can be large and powerful.

Also I find it highly unlikely that these certificates get abused:

- Those certificates are from other branches of the government. They won't like the NSA abusing their certificates.

- When abuse of these signatures gets detected it would be a big scandal. It's way more easy and stealthier to steal the keys of a intermediate CA.
1 comments
dionyziz 4139 days ago
We should be moving to systems that cannot be abused instead of systems that "we won't like it" when they get abused. PKI is broken.
link
mike_hearn 4139 days ago
Brave words. Let us know what you come up with.
link