Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Well fortunately for user choice there are people like me who are going to build and distribute software that is not prescriptive about what certificate authorities users should be compelled to accept as net wins as well as people like you who apparently are willing to navigate a twisty rhetorical maze before arriving back at: status quo, intact.

my intention is to render your net win calculation irrelevant by letting users decide and educating them about the implications of trusting people like you.



> not prescriptive about what certificate authorities

This seems like a non-sequitur. DoH does not specify particular certificate authorities; it just uses a secure connection, rather than plaintext DNS.

Is your complaint specifically about certificate pinning in proprietary applications, as opposed to using the system CA store?

> twisty rhetorical maze

That is an excessively reductive description of an argument you disagree with.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: