Hacker News new | past | comments | ask | show | jobs | submit login

eh it's a longer quote taken out of context, not my words nor my opinion, but shows it's indeed not a respectable CA



I wouldn't say it's out of context, I was clearly stating my worries when this CA was discussed here a couple of years ago.

I think something should be done, but it's not my call of course. Given we do have Let's Encrypt now, I wouldn't feel in the least bit sad in revoking the WoSign certs. Anyone affected can, and should, change.

It's disappointing to see my concerns back then were well-placed, and there are clear indications StartCom's and WoSign's backends are connected together somehow?! I don't know what's going on there exactly, and someone should definitely find out.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: