how can one verify that this future "certificate authority that issues free certificates to any website" hasn't issued a cert to the NSA for your domain? is it possible?
Good point! Let's not do anything. Inaction is always the best course of action.
How can we work out if baby isn't still dirty? It could be - right? Therefore it's likely (sigh), and if it's likely - we'd better throw out the baby with the bathwater.
/. agressive armchair apathy - the new "insightful"
In other news there are rumours of a CA being broken into - or maybe it was several - or maybe someone with a few thousand just bought a fraudulent certificate. And those who can't/won't stump up a hundred dollars lower the standard
Lucky I'm just making this shit up
How could you possible check? (if only there was some sort of looky-uppy facts com-put-ah....)
How do we know you don't work for the NSA?
Looks like a duck, smells like a duck, got it's arse in the air like a duck....
Must be a weasel!