@shatteredgears Traditional CA's are essentially bureaucracy-as-a-service. At best, they check the owner and provide some assurances. At worst, they're only there so your browser doesn't complain.
@andrioid Way back when Thawte still existed, some of the CA's really did do extensive checks before issuing certs. I remember having to get D&B numbers, waiting for phone calls to verify, etc. Granted, you *paid* for that, those certs were expensive.
But then the CAs figured out that the customers and end-users really didn't care. Since then it's just been automated systems charging hand-processing fees.
This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!