• topperharlie@lemmy.world
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    making sure a small part is very secure vs having to verify every domain I visit? yeah, let me keep using the current system… are you aware of the amount of domains you connect to every day?

    Also, I might be wrong, but if I remember correctly browsers/OS-es tend to come with a list of trusted certificate keys already, which makes adding compromised keys to that list not as easy as you suggest. (I don’t even know if that happens or if they just update as part of security updates of OS/browsers)