← Back to context Comment by akerl_ 1 month ago It's almost like the threat models for CA and leaf certs are different. 2 comments akerl_ Reply LunaSea 1 month ago Yes, foot certs are much more sensitive than leaf certs. akerl_ 1 month ago Which is why root certs are stored in HSMs, there’s a well defined total set of them, and if the owner violates any of the rules around handling of them, the CAB can put them out of business.
LunaSea 1 month ago Yes, foot certs are much more sensitive than leaf certs. akerl_ 1 month ago Which is why root certs are stored in HSMs, there’s a well defined total set of them, and if the owner violates any of the rules around handling of them, the CAB can put them out of business.
akerl_ 1 month ago Which is why root certs are stored in HSMs, there’s a well defined total set of them, and if the owner violates any of the rules around handling of them, the CAB can put them out of business.
Yes, foot certs are much more sensitive than leaf certs.
Which is why root certs are stored in HSMs, there’s a well defined total set of them, and if the owner violates any of the rules around handling of them, the CAB can put them out of business.