Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> You control which CAs you anchor your trust to locally.

Theoretically, but doesn't it tend to use the same OS infrastructure as HTTPS?

> The US Federal Government (FPKI) and US Department of Defense (DOD PKI) use S/MIME heavily.

Indeed, but they are in a position to trust the US government (and more generally the international governmental system).



>Indeed, but they are in a position to trust the US government (and more generally the international governmental system).

Not sure what trusting the government has to do with it, it has to do with trusting the CA system that's set up on the computer.


> Not sure what trusting the government has to do with it, it has to do with trusting the CA system that's set up on the computer.

Almost all computers ship with a bunch of governments set up as trust roots. It's not impossible to change this, but it's impractical for all but the largest organizations.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: