Which CAs can I really trust?

7 points by Tharkun ↗ HN
Comodogate & the DigiNotar fiasco have left me wondering which root CAs I can still trust. The list in my browser (firefox) is pretty long, and some of the names don't particularly inspire trust (Türktrust, AS Sertifitseerimiskeskus, Baltimore, AddTrust etc). And yet, as far as I can tell, there is no list anywhere with trust ratings or audit trails for these companies our browsers seem to trust.

Is there a way to determine which CAs are still trustworthy?

3 comments

[ 3.1 ms ] story [ 15.3 ms ] thread
Since you generally have to trust most of them, and at least some of them will fail (or have already), but you don't know which, then obvious answer is: None of them.

Sorry :\",