Certificates and "authorities"
Posted Sep 8, 2011 17:41 UTC (Thu) by Nelson
In reply to: Certificates and "authorities"
Parent article: Certificates and "authorities"
Exactly, or maybe just offering the CA more money to produce a fake certificate. Not just that, but should a CA be compromised, either but hacking or political pressures or other, they have no insentive to disclose that fact. In fact they have every reason not to.
The solution would be to establish trust with maybe a half dozen CAs in different jurisdictions, or at least that would be a solution to some of those problems, but it's cost prohibitive with the current business model.
This isn't a problem with the technology...
to post comments)