Hacker Newsnew | past | comments | ask | show | jobs | submit | user32556's commentslogin

Is there any free CA that supports signing on an IP address? e.g. https://1.1.1.1/


This was discussed deeply at the Mozilla forum for CAs, and the answer is "even if someone wished it, nope", mainly because of dynamic IP address, and even if we removed this type of issuance, the next level is modifying your contact details on the IP block, which is hard because there's isn't a single standard (on modifying, the data format is more-or-less standardised at this point).

Google actually wants to do this for their Cloud Platform, and owns the whole chain (i.e. has its own CA, https://pki.goog) but it's currently hard in the current state of CA/B baseline requirements.


I realize it’s not exactly what you asked, but you could use a service like https://nip.io to map up addresses to hostnames.


Update by OP: Our university contacted Google and all G Suite accounts are back now.


IMO, nowadays top-tier conference paper tends to focus too much on telling an interesting story. This makes researchers only show the surprising result in the paper. The unsurprising one is hardly mentioned.

However, the uninteresting part would definitely help others to not make the same mistake. The uninteresting result is still result (and contribution), isn't it?


Yeah, that's the TED Talk effect, as some people put it

You cannot make a TED Talk about something that people already know


What if you presented it with a bunch of single-word slides and had a compelling frame? “What my 10 years among uncontacted tribes in the Amazon taught me about the boiling point of water”


because people are in quarantine :)


A few weeks ago, we organized a competition and we asked the top 3 participants to send us their solution to our gmail. Two were using their own domains (.io and .su) and one was using Gmail. The two with their own domains just got in the spam folder, and without surprise that Gmail one survived.

"If you want to set up your own email domain rather than using Gmail, good luck."


Are you talking about CSS-based fingerprinting?

https://browserleaks.com/css#explanation


No, not this is some amateur work. State of the art techniques css fingerprinting can uniquely identify 1 device from billions.

Also this is nothing but getting dimension of screen and other browser attributes which are useless now. The current state of the art cannot be mitigated unless you put a 95% penalty on performance on the CSS engine AFAIK.


The old link you keep pasting does not support this or your other hyperbolic assertions. Stop dangling claims of secret superpowers or support them.


Have a read: https://www.ieee-security.org/TC/SP2019/papers/405.pdf


All the links you provided describe techniques that would only work on mobile devices with access to the sensors. On my desktop PC there's no GPS, no gyrometer, no webcam and no browser access to my microphone.


And no access to that on mobile without security dialogs. Dude originally claimed it worked via CSS. I guess he doesn't have secret superpowers.


Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: