Reply to post:

Mozilla piles on China's SSL cert overlord: We don't trust you either

Ken Hagan Gold badge

The solution is for anyone who wants to prove their identity to make their own certificate and get it signed by several CAs. That way the certificate remains valid until all of the counter-signatories have mis-behaved.

It's also more expensive (ie, a money-spinner for the CAs) so I'm surprised the CAs themselves aren't pushing this approach.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019