Hacker News new | past | comments | ask | show | jobs | submit login

> decentralized reputation through cert validation?

Certs are pretty dang centralized.

Also, Your second sentence needs a bit more fleshing out because it doesn't follow.




Certs are certainly decentralized. You can create your own root, share them, etc. There a several highly trusted roots that are chosen by OS makers, not centralized. Some roots are quite big but what part is centralized?

Chain of trust is a decentralized reputation protocol and we use it frequently and effectively.


While it's not strictly centralized, as in, there's no single root, the sets of root certs in usage are extremely similar. There are only a handful that matter, and they overlap significantly because they share choices: Windows, Android, Apple, Firefox, various Linux distros.

A contributing factor is that the culture that grew around them makes it uncommon to be able to manipulate your own certificates. If you set up a Web page with your own root cert, you can be sure it will never grow.




Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: