Being able to pay isn't a very good barrier. Being broke doesn't mean having no ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

dspeyer on Feb 1, 2011 | parent | context | favorite | on: Tell HN: There is a Scammer Amongst Us

Being able to pay isn't a very good barrier. Being broke doesn't mean having no meaningful content, and most attackers who can make serious MitM attacks can pay. CAs are supposed to have real barriers (and I think most of them do).

In this case, though, we don't need a CA. PG could publish the key in an essay and we'd just carry it through manually.

jimrandomh on Feb 1, 2011 [–]

The point of collecting payment for certificates is not that attackers can't afford it, but that it enables the CA to do some cursory verification, and creates a trail of evidence if the certificate is used for a scam later.

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact