I trust Certificate Authorities, but I have no idea why
Published Jul 01, 2015
Version 1.0Was this article helpful?
Really good article.
"If anyone hacked a trusted CA, they could fake a certificate for any website using that CA".
Actually, if you hack into a CA and assign yourself arbitrary certificates, you can compromise any website you want.
HPKP goes some way towards mitigating this.