Photo by Amelia Holowaty Krales / The Verge
A report from The Washington Post has raised doubts about a root certificate authority used by Google Chrome, Safari, Firefox, and other tech companies with ties to US intelligence. The company in question, called TrustCor, works as a root certificate authority to validate the trustworthiness of websites — and while the report found no concrete evidence of wrongdoing, it raised significant questions about the company’s trustworthiness.
Root certificate authorities protect against both website forgeries and attacks. Since root certificate authorities also have the power to give others the ability to grant certificates, it raises some concerns if the authority’s linked to surveillance or malware efforts, as it calls the entire…