Who's auditing the CA's currently trusted by your browser?

various 3rd parties. this is required by the cab forum which my browser requires as well.

inform yourself if you want to write stuff like that. even more, its sad that people think CAs have zero checking and just give what, money to browsers to be included? Thanksfully its not like that yet.

So,if you knew the answer to your own question, why did you ask?

I did not, actually. Same subject, but the question is different since this is a CA signed by a CA in this case.

We intend to have a WebTrust audit, just like other CAs do.

thanks!

Who's auditing the auditors? Remember Moody's? It's not entirely analogous, but it's not far from it.

At some point down the chain, you have to rely on trust to some degree. Either disappear in to the wilderness and completely disconnect from the grid or - at some point - you have to trust someone.

All CAs for most browsers are all audited by a third party. That's what provides the trust.

https://cabforum.org/baseline-requirements/ https://www.mozilla.org/en-US/about/governance/policies/secu... https://www.mozilla.org/en-US/about/governance/policies/secu...

Geez the people without a clue wanting to patronize on HN - I'm telling you - nothing like that to lose faith in humanity.