Hacker News Comments on
USENIX Enigma 2016 - Several Horror Stories about the Encrypted Web
USENIX Enigma Conference
·
Youtube
·
29
HN points
·
0
HN comments
- This course is unranked · view top recommended courses
Hacker News Stories and Comments
All the comments and stories posted to Hacker News that reference this video.⬐ joshuakThis is actually a great letsencrypt.org intro. Too bad it's not labeled that way here or on youtube.⬐ nickpsecurity⬐ babyYeah, I suggest them changing the title to something that says it's letsencrypt. Had I not glanced here, I'd have totally skipped it thinking it was some scare tactics from security industry or government to push their agendas with.1. There are too many CAs2. so let's create another CA!
The transition here was weird.
Also, there are now a HUGE number of certs signed by let's encrypt. Isn't that a problem? Remember Comodo now too big to get removed?
I guess let's encrypt cannot sign intermediate CA certificates and that's a good thing, and we should have more CA like that and less CA like Comodo. Also if they are free (I still find it mindblowing that you have to pay for certificates) and are quick to implement/respect new rules directed by the cabforum. Then it is an improvement of the current internet PKI.
Now what about better/other solutions to secure internet? I'm still scared of having to trust thousands of CAs that all have the same power.
⬐ kevin_thibedeau> I still find it mindblowing that you have to pay for certificatesYou pay for the CA to verify you are who you claim to be.
⬐ darklajidFor DV certificates: You pay a shitload of money for a single email.Ignoring the sibling comment (most of these CAs aren't trustworthy as far as I'm concerned): The price is highly inflated and that translates to bile and disgust whenever I think of CAs or the CA model.
⬐ mirimirBut who verifies that the CA is who they claim to be?Or is doing what they claim to do?
Maybe they've been hacked, or infiltrated, or sold out, or ...
If I'm American, do I trust Chinese CAs? Or vice versa?
⬐ c22Presumably this is the job of browser vendors.