←back to thread

Certification Authority/Browser Forum adopts new security standards

(security.googleblog.com)
62 points terminalbraid | 1 comments | 31 Mar 25 09:56 UTC | HN request time: 0.205s | source
Show context
notepad0x90 ◴[03 Apr 25 08:05 UTC] No.43566399[source]
Cheaper code-signing certs would be great. I don't like how the CA/B is so focused on TLS only. PKI is a slightly wider landscape. I sincerely hope PKI-centric code and package signing makes its way to the Linux world where most influential people in these discussions live, so they can appreciate the importance of having a "letsencrypt" for other types of PKI usage like S/MIME and Authenticode.
replies(1): >>43569965 #
1. dadrian ◴[03 Apr 25 14:10 UTC] No.43569965[source]
There is literally a code-signing working group in the CA/BF. However, the browsers don't really participate in it, since it's irrelevant to browsers. This is the entire point of moving to dedicated hierarchies per use-case---each PKI (web, code signing, etc) can evolve independently.