To anyone wondering, this is also what the "big boys" do, so dont feel like this... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		rckclmbr on Feb 21, 2016 \| parent \| context \| favorite \| on: Early Impacts of Let's Encrypt To anyone wondering, this is also what the "big boys" do, so dont feel like this is a hack. Most big companies have their own company root CA, and install that cert on their company computers. They then have all internal apps use a cert signed with that root CA (or derivative thereof)

zorked on Feb 21, 2016 [–]

And that's how the CA system is actually supposed to work. You add to the trust store those entities you trust rather than those that are trusted by the browser makers...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact