Hacker News new | past | comments | ask | show | jobs | submit login

Interesting that it would be "so much easier" for the U.S. intelligence community to steal most certificates or work around TLS, when countries like Thailand, which have much fewer resources, prefer to get Microsoft to install their own root certificate for them in Windows. Perhaps this is what the IC meant as well, when it said there are other easier ways? Why bother with Verisign's solution, when they could have their own root certs in Windows?

The CA system is such an untrustworthy mess.

http://www.theverge.com/2017/1/25/14381174/microsoft-thailan...




Because using your own CA is not deniable. You aren't allowed to move forward with any solution that may lead to attribution.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: