Hacker News
by teraflop 4064 days ago
That sounds essentially the same as how Let's Encrypt works: https://letsencrypt.org/howitworks/technology/

Except that rather than creating a self-signed certificate and then asking an external service to store a fingerprint, you just let the external service sign your certificate.

EDIT: Oh yeah, and signing the certificate up-front has the nice benefit of not forcing browsers to leak private information (namely, the domain names that are being accessed) to a centralized third party.