undefined | Better HN

0 pointskej10y ago0 comments

The other side of that argument is that if your registrar is also your CA, they have the ability to give bogus SSL certs to an evil server and the ability to direct your domain to that evil server.

0 comments

0x010y ago

They can already do that, as they could temporarily hijack your NS records and buy a cert somewhere else. If you can't trust your registrar, you have bigger problems (I'd say "all is lost")

On the flipside, having a registar act as the only valid CA would mean that choosing a trustworthy registrar suddenly has real value. Power users could make an educated opinion on the trustworthyness of a given domain validated CA. Domain owners could be sure they're not at risk for how in the current system, an adversarity could get a valid parallel SSL certificate from a sloppy bargain-bin CA, even if the domain owner picked the most expensive and diligent CA and registrar for themselves.

schoen10y ago

A lot of folks might not have thought through the weakest-link aspect of the current system: they feel like they're safer because they chose to use a reputable or trustworthy CA. But misissuance events that I've heard of have never involved CAs that the victims had any business relationship with at all.

j / k navigate · click thread line to collapse

0 comments

0x010y ago

They can already do that, as they could temporarily hijack your NS records and buy a cert somewhere else. If you can't trust your registrar, you have bigger problems (I'd say "all is lost")

schoen10y ago

j / k navigate · click thread line to collapse