This seems to be a gross misunderstanding of public key cryptography. Public keys allow you to verify an existing signature is valid and made by the correct entity, but they absolutely don’t allow you to forge a signature: that’s actually what they are designed to prevent.
Caedarai
- 0 Posts
- 4 Comments
Joined 12 days ago
Cake day: March 3rd, 2025
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
You pay CAs for certificate issuance, not for signing. You could sign all the QR codes in a city with a single CA-issued certificate as long as the standards for it were all accepted.
Well, because it won’t be signed by a trusted CA for that task. Like if CAs had a category of certificate issuance that applied here (the standardisation issue) then it would be easy to spot a fake (which wouldn’t be correctly signed). Alternatively, you could take the European approach of having everything government related (like public street parking, though Europe mostly uses apps for that, not signed QR codes) rely on government entities and those in turn on a national set of government CAs.
Plenty of people I know have gotten the little echo dots or the bigger alternative with larger speakers for Christmas or birthdays. Technically they didn’t spend money, but their friends and family did.