(follow.agwa.name)

482 points sanqui | 1 comments | 30 Nov 24 21:35 UTC | HN request time: 0s | source

Show context

danpalmer ◴[01 Dec 24 00:47 UTC] No.42285229[source]▶

This is a bad look. I expected the result would be Chrome and Firefox dropping trust for this CA, but they already don't trust this CA. Arguably, Microsoft/Windows trusting a CA that the other big players choose not to trust is an even worse look for Microsoft.

replies(8): >>42285389 #>>42285408 #>>42285431 #>>42285622 #>>42286061 #>>42286142 #>>42286897 #>>42287654 #

raincole ◴[01 Dec 24 04:14 UTC] No.42286142[source]▶

>>42285229 #

How bad is it? (Genuine question from me who lacks cybersecurity knowledge)

replies(2): >>42286694 #>>42292324 #

1. bawolff ◴[02 Dec 24 01:47 UTC] No.42292324[source]▶

>>42286142 #

Well now that everyone knows about it, its a whole lot less bad.

The bad certificate was caught, and caught quickly. The system works.

It is a bit like if airport security catches someone who wanted to bomb a plane. Yes the immediate gut reaction is that is terrible, but if you think about it for a bit its actually reassuring, since its proof the safe guards worked.

↑

A Brazilian CA trusted only by Microsoft has issued a certificate for google.com