TACK works without coordination between the 1/2-time TLS maintainer at a browser... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

tptacek on Dec 8, 2013 | parent | context | favorite | on: Further improving digital certificate security

TACK works without coordination between the 1/2-time TLS maintainer at a browser and the (elaborate) UX/UI team at that browser; it's something you can implement in the backend.

The UX for certificate trust on the Internet is dreadful and essentially hasn't evolved since the late 1990s. It is badly due for an overhaul. But we can get TACK working today; UX changes could take years.

sanxiyn on Dec 8, 2013 [–]

Well since 1990s we at least got EV, which is something.

dsl on Dec 9, 2013 | [–]

EV was an exercise in money making, not security.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact