That's bit harsh. I bet that significant amount of the impacted people had only ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		zokier on Feb 28, 2018 \| parent \| context \| favorite \| on: DigiCert Statement on Trustico Certificate Revocat... That's bit harsh. I bet that significant amount of the impacted people had only the vaguest idea what they were actually buying ("a lock icon for the web thingy"), and never even heard of private keys, never mind CSRs or actually understanding public-key crypto and PKI.

icebraining on March 1, 2018 [–]

I find this argument unconvincing, but even if you really feel the need to help people generate keys, you do it in JS in the browser, without ever sending them to your server! Open source code to do this has been around since 2001: http://webcache.googleusercontent.com/search?q=cache:87MSSBj...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact