Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This is an issue with any domain-verified TLS certificate, which make up the overwhelming majority of certificates in use. Only CAs which offer organization-verified (OV) or extended-verified (EV) certificates, typically at exorbitant prices, does the TLS certificate attest the publisher of the website.


> Only CAs which offer organization-verified (OV) or extended-verified (EV) certificate, typically at exhorbitant prices, does the TLS certificate attest the publisher of the website.

Even so, I’ll expect financial institutions to have that.

Note: I’m not saying the above is a Cloudflare issue, perhaps someone at Visa was being stingy - I’m just saying it’s an issue and would be bad if that becomes the mainstream.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: