lostmypasswordanew

joined 1 year ago
[–] lostmypasswordanew@feddit.de 81 points 6 months ago* (last edited 6 months ago) (19 children)

All TLS/HTTPS clients have a set of Certificate Authority keys which they trust. Your client will only accept a public key which is signed by a trusted CA's key. A proper CA will not sign a key for a domain when it has not verified that the entity that wants it's key signed actually controls the domain.