Which CAs can I really trust? | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Which CAs can I really trust?
		7 points by Tharkun on Sept 7, 2011 \| hide \| past \| favorite \| 3 comments
		Comodogate & the DigiNotar fiasco have left me wondering which root CAs I can still trust. The list in my browser (firefox) is pretty long, and some of the names don't particularly inspire trust (Türktrust, AS Sertifitseerimiskeskus, Baltimore, AddTrust etc). And yet, as far as I can tell, there is no list anywhere with trust ratings or audit trails for these companies our browsers seem to trust. Is there a way to determine which CAs are still trustworthy?

Rantenki on Sept 8, 2011 | [–]

Since you generally have to trust most of them, and at least some of them will fail (or have already), but you don't know which, then obvious answer is: None of them.

Sorry :\

willvarfar on Sept 7, 2011 | [–]

Use http://convergence.io/ instead

cynix on Sept 7, 2011 | [–]

How can I check whether it's working?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact