"trusted" SSL certificate authorities are a scam, why is everything a hater on self signed
Discussion
Without a widely-used web of trust or some other simple method of checking fingerprints and matching to identities out-of-band, self-signed certs aren't very useful.
Definitely does seem like a problem we could solve with freedom tech, tho.
Yeah lol, this. The Certificate Authorities are a cabal and are gatekeepers.
Imagine nostr but you had to first get your npub signed by a nostr authority-- that is PKI.
We are seemingly doing just fine without them.
yeah, nostr literally is the solution to this problem
just waiting for someone with money to meet someone with brains at this stage
Not by itself, though. I don't know who nostr:nprofile1qqsyeqqz27jc32pgf8gynqtu90d2mxztykj94k0kmttxu37nk3lrktcpz9mhxue69uhkummnw3ezumrpdejz7qg3waehxw309ahx7um5wgh8w6twv5hsz9mhwden5te0d4kx26m49ehx7um5wgcjucm0d5hspyest0 is in the Real World, so I need a solution that can tie that pubkey to a person I want to, e g., but something from.
But if, e.g., I had signatures on an attestation of RW identity from, say, four other accounts whose judgement I trust, that would be great.
With PGP, despite having a clear way to sign other folks' keys, this never became really usable. But maybe this time will be different…
elliptic curves definitely lowered the barrier