undefined | Better HN

0 pointsMichaelGG10y ago0 comments

How is this any worse than trusting the original CA? There's almost assuredly some high standard they use to cross sign, and they'd get revoked if they do that incorrectly. You're failing to note that MCS was revoked as was CNNIC. So, boom, 2 bad/laughably incompetent players are out.

Trusting a CA means trusting them to write certs, even via an intermediary. If you don't actually trust them, remove those CAs.

The CA model has lots of problems, but I don't see what additional harm this actually causes.

0 comments

Natanael_L10y ago

Because it doesn't settle with having as many single points of failure as the number of CA entries in your root CA list, they are getting multiplied over and over.

MichaelGGOP10y ago

How would it be any different if these CA's made a choice to instead issue end-user certs but based off of Let's Encrypt's authorization?

Natanael_L10y ago

Fewer master keys to target

MichaelGGOP10y ago

I'm gonna guess that getting into Let's Encrypt's HSM is as hard or harder than breaking their auth procedures.

j / k navigate · click thread line to collapse

0 comments

Natanael_L10y ago

Because it doesn't settle with having as many single points of failure as the number of CA entries in your root CA list, they are getting multiplied over and over.

MichaelGGOP10y ago

How would it be any different if these CA's made a choice to instead issue end-user certs but based off of Let's Encrypt's authorization?

Natanael_L10y ago

Fewer master keys to target

MichaelGGOP10y ago

I'm gonna guess that getting into Let's Encrypt's HSM is as hard or harder than breaking their auth procedures.

j / k navigate · click thread line to collapse