Hacker News new | past | comments | ask | show | jobs | submit login

Probably related to TLS CAs. Windows insists on phoning home to these CAs.



Interesting. Does this actually have any security implications or is my paranoia for nothing?

In my head, “normal“ CAs used by browsers for example are held to a high standard of digital trust. Whereas trust in the US military as a CA sort of implies blind faith. But I honestly don’t feel that I know enough about TLS to know why I should trust, say, digicert or identrust, more or less than the US military.


The US Government issues their own certs for many agencies, so there's no commercial entity that acts as the CA. These CAs are installed by Windows just like most other CAs.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: