• 0 Posts
  • 10 Comments
Joined 1 year ago
cake
Cake day: June 11th, 2023

help-circle

  • you seem to know what you are talking about and I looked into this very long ago, maybe you can help me understand.

    From what I can understand reading most of the article this forces browsers to accept the certificates, but it doesn’t force the websites to use them, right?

    So what is stopping Firefox from showing a warning (like the lock icon being orange, but it could also be a more intrusive message) stating that the certificate was issued by a country and/or doesn’t fullfil modern security standards in case one of these CAs is used?

    On top of that, the CA doesn’t really encrypt the private key of the domain, it just adds a signature stating that the message with the salt and the public key are legit, right? everyone seems to think the government itself will be able to passively see the traffic, but if I remember correctly they would have to gateway the whole transaction (I’m guessing the browser will also have a cache of keys and this could become a bit tricky to do in a global way)

    But of course we all know how technologically illiterate governments are (there could be one good, but there will be some “less good” for sure). So yeah, it does sound like a horrible idea to begin with. Because if a CA starts being insecure nowadays browsers can just remove them and go with their life, but if there is a law forcing browsers wouldn’t be able to.

    I’m just curious about the specifics in case I’m outdated on what I remember.


  • making sure a small part is very secure vs having to verify every domain I visit? yeah, let me keep using the current system… are you aware of the amount of domains you connect to every day?

    Also, I might be wrong, but if I remember correctly browsers/OS-es tend to come with a list of trusted certificate keys already, which makes adding compromised keys to that list not as easy as you suggest. (I don’t even know if that happens or if they just update as part of security updates of OS/browsers)



  • topperharlie@lemmy.worldtoMemes@lemmy.mlNo context
    link
    fedilink
    arrow-up
    37
    arrow-down
    2
    ·
    1 year ago

    hmmm… I’m pretty sure I’ve been around since before YouTube started and don’t have any idea, so I still think is the case.

    I think people tend to not understand how big internet is, even back then. This makes it difficult to know which memes really made it all the way to become THAT popular (and even those are not know by everyone, some people just don’t follow memes)





  • lol, last time I switched jobs some years ago I did the same but in the other side, I had a side small section with level of expertise on programming languages and explicitly added java with 1/10 to send a clear message xD

    (is not that radical giving that I’ve been a embedded/graphics programmer most of my career, but still, funnier than not mentioning it)