Reply to post: Re: Fearmongering, Uncertainty and Doubt

Insecure web still too prevalent: Boffins unveil HSTS wall of shame

Nick Stallman

Re: Fearmongering, Uncertainty and Doubt

The argument about government CAs isn't a good one.

You can always verify who issued a particular certificate, so if you went to Google.com and you noticed their SSL certificate was issued by a Chinese CA it would be blatantly obvious.

For most potential targets various monitoring would pick it up so manually verifying it each certificates CA isn't needed - it'll be noticed by others.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019