Doesn't this just mean the registrar ends up (effectively) being the one who tru... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

joosters on Nov 13, 2013 | parent | context | favorite | on: Moving forward on improving HTTP's security

Doesn't this just mean the registrar ends up (effectively) being the one who trusts all the random CAs instead?

pedrocr on Nov 13, 2013 [–]

What random CA's? All the registrar does is say "I the owner of COM have delegated EXAMPLE.COM to FOO both by pointing the address to their servers and signing their public key." After that example.com can delegate within its domain both the addressing (regular DNS) and the signing of certificates for subdomains.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact