Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I think you misunderstand how HTTPS works, there's no central root CS, nothing stops you from adding other trusted root certificate authorities.

In fact, your browser trusts a few dozens of different ones, and companies routinely manage their own.



No, I'm just assuming that you're going to follow through on that thought and realize statistically no one does that for self signed certs except corporations which aren't human persons anyway.


The point isn't that you can run it yourself, it's that there isn't a central one and there are dozens or hundreds of different options already, based in different countries.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: