• Caedarai@reddthat.com
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      12 hours ago

      Well, because it won’t be signed by a trusted CA for that task. Like if CAs had a category of certificate issuance that applied here (the standardisation issue) then it would be easy to spot a fake (which wouldn’t be correctly signed). Alternatively, you could take the European approach of having everything government related (like public street parking, though Europe mostly uses apps for that, not signed QR codes) rely on government entities and those in turn on a national set of government CAs.

      • Aux@feddit.uk
        link
        fedilink
        English
        arrow-up
        1
        ·
        7 hours ago

        That doesn’t make any sense. How would you know if something should or should not be signed? You wouldn’t.