The entire point of a trust model is to exclude people. That's the stated goal.

If you want encryption without trust, just use self-signed certs.

If you don't care about who you're talking to, why use certificates at all?
The problem is that the current trust model is totally untrustworthy.
Philosophically, trust isn't a "solvable" problem. It can only be mitigated to varying degrees. However, some degree of trust is probably better than none.
One thing is sure, pinning trust on trust chains down from Root Certificate Authorities is fundamentally incompatible with our notion of trust and an almost absurd idea to start with. Most people using a browser don't even know any person from such an organization nor would or should they have any rational reason to trust them.
> our notion of trust

I suspect I may have a different notion of trust than you.

> Most people using a browser don't even know any person from such an organization nor would or should they have any rational reason to trust them.

Back up one step further -- most people using a browser don't understand the problem set we're talking about even exists.