As if browser vendors never included any shady or incompetent root CA? For examp... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		bombolo on Dec 1, 2022 \| parent \| context \| favorite \| on: Mozilla, Microsoft yank TrustCor's root certificat... As if browser vendors never included any shady or incompetent root CA? For example: https://www.techtarget.com/searchsecurity/news/252436120/230... Firefox seems to include root CA from the governments of: Hong Kong (so China?), Spain, Turkey, Tunisia, Netherlands.

olliej on Dec 1, 2022 [–]

And when they find evidence of a CA misbehaving they revoke them, as here, they don’t go to the EU and say “hey we think you need to re audit this company” and then wait a few months/years while the business continues to pay the EU to remain in the root stores.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact