Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

All this means is that CAs have to be a bit more careful who they give reseller certificates to - essentially, only signing reseller certificates for sellers they think are trustworthy.

Because that's what signing a * certificate says - "I trust the owner of this certificate with signing power for every domain". If a particular CA is giving that away to people who shouldn't be trusted with that, then that's pretty shady behaviour on the part of the CA.



Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: