I trust Certificate Authorities, but I have no idea why
I’ve seen statistics that claim between 40% and 60% of all sites on the Internet use encryption to protect their web application traffic. Regardless of the true number (which changes on a daily basi...
Published Jul 01, 2015
Version 1.0
colbeseder_1156
Nimbostratus
NimbostratusReally good article.
"If anyone hacked a trusted CA, they could fake a certificate for any website using that CA".
Actually, if you hack into a CA and assign yourself arbitrary certificates, you can compromise any website you want.
HPKP goes some way towards mitigating this.