this post was submitted on 20 Jul 2023
7 points (100.0% liked)

cybersecurity

3227 readers
20 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS
 

The certificate authority (CA) system does an incredible job of solving an impossible challenge. Think about it. The CAs measure control of a domain name and then issue TLS certificates that pair cryptographic keys to those names. They do this on a global scale, often automatically. It's impossible to do this perfectly, and unfortunately, they occasionally fail.

In this post I describe the challenges the CAs face, describe a history of failures, and explain the process we use to maintain confidence in the system in spite of it all.

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here