alt Hacker News> Consider this - what is the likelihood of every certificate authority on the Internet having their private keys compromised simultaneously? I’d wager that’s almost at the whatever is the statistics equivalent of the Planck length level of probability.
It doesn't matter if every certificate authority is compromised or just one. One is all that is needed to sign certificates for all websites.
Replies
This is only relevant for active MITM attacks.
Author here, hi! Was just venting last night, but that's a very good point, I'll update it later with your correction :)