Hacker News new | past | comments | ask | show | jobs | submit login

Is the system problematic? Yes. Does it have room for improvement? Tons. Is it broken? No, I dont think so.

I dont think the CA system is unique in having breaches, holes, or incompetent actors.




The CA system is unique is that one hole, breach or incompetent actor compromises the entire system.

It's also unique is that when an authority has a hole, breach or is an incompetent actor, it's very difficult to remove them from authority.


>It's also unique is that when an authority has a hole, breach or is an incompetent actor, it's very difficult to remove them from authority.

There is no proof of this. There are lots of systems in place to deal with mistakes and trust breaches. If it gets to the extent that a Root or CA needs to be removed from trust stores, then they are removed.

Just this year we saw two CAs lose their trust.




Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: