Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

These kind of master keys already exists so it is not something hypothetical. I am talking about the private keys of trusted root certification authorities. If it would be as easy to get them as you say nobody would probably use TLS since it would be useless.


Well, TLS with "trusted" CAs is useless, for extreme threat models.


Care to elaborate?


You're vulnerable to MitM if adversaries have issued fraudulent certificates for sites that you use. And we know that this has happened, more than once.


And that'll only get worse if the FBI succeeds in compelling a US technology company to sign something they don't trust.


http://thenextweb.com/insider/2015/04/02/google-to-drop-chin...

it's not tinfoil to note that there are CAs under the control of authoritarian governments.


I think the point is that it's easier to spoof a trusted cert than to crack the encryption




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: