←back to thread

A Brazilian CA trusted only by Microsoft has issued a certificate for google.com

(follow.agwa.name)
482 points sanqui | 6 comments | 30 Nov 24 21:35 UTC | HN request time: 0.912s | source | bottom
Show context
noitpmeder ◴[01 Dec 24 01:02 UTC] No.42285295[source]
Not clear (to me) in the original post -- was this done accidentally or intentionally?
replies(4): >>42285340 #>>42285374 #>>42285593 #>>42285609 #
1. ruined ◴[01 Dec 24 01:19 UTC] No.42285374[source]
does that matter?
replies(1): >>42285414 #
2. altairprime ◴[01 Dec 24 01:28 UTC] No.42285414[source]
Yes; malice is indefensible no matter the circumstances, mistakes may be defensible under certain circumstances or with certain responses by the mistakee.
replies(1): >>42285461 #
3. sabbaticaldev ◴[01 Dec 24 01:40 UTC] No.42285461[source]
as a brazilian i’m not sure if I’d prefer it to be malice or incompetence
replies(3): >>42285615 #>>42285686 #>>42286077 #
4. griomnib ◴[01 Dec 24 02:16 UTC] No.42285615{3}[source]
As an American…why not both?
5. lazide ◴[01 Dec 24 02:33 UTC] No.42285686{3}[source]
There is also the option of malicious incompetence, of course.
6. altairprime ◴[01 Dec 24 04:00 UTC] No.42286077{3}[source]
Incompetence: operating a CA is difficult enough that sometimes people fuck up, but if the CA is corrupted, then that’s much worse.