Comment by ekr____
5 days ago
This isn't correct. With ZKP-based systems even the CA can't track you. That's the "zero-knowledge" part.
5 days ago
This isn't correct. With ZKP-based systems even the CA can't track you. That's the "zero-knowledge" part.
And those types of schemes will never see the light of day, read what they are actually proposing to implement.
but how is that possible? that even the CA cannot track you?
That's not really possible to explain in this space, unfortunately, but the overall idea is that there are mathematical techniques that allow you to prove that you have a valid certificate without revealing which one it is.