
Companies could use 'intermediate' web security certificates to spy
A certificate authority (CA) is a trusted entity that issues electronic certificates (duh) to verify identity on the Internet. They're a key part of secure communications online -- and thus super important. Then there's intermediate CAs, signed by a root CA, making certificates for any website. However, they're just as powerful as those root ones. Worse still, there's no full list for the ones your system trusts because root CAs can make new ones whenever it wants, and our co