this post was submitted on 14 Mar 2025
460 points (98.5% liked)

Comic Strips

15131 readers
1027 users here now

Comic Strips is a community for those who love comic stories.

The rules are simple:

Web of links

founded 2 years ago
MODERATORS
 

you are viewing a single comment's thread
view the rest of the comments
[–] themoonisacheese@sh.itjust.works 21 points 1 day ago (8 children)

Okay and what happens when I overwrite that qr code with one that points to downloadvirus.com? How is a client supposed to know that the qr code isn't supposed to be here?

[–] Bilaketari@reddthat.com 0 points 1 day ago (7 children)

Well, because it won't be signed by a trusted CA for that task. Like if CAs had a category of certificate issuance that applied here (the standardisation issue) then it would be easy to spot a fake (which wouldn't be correctly signed). Alternatively, you could take the European approach of having everything government related (like public street parking, though Europe mostly uses apps for that, not signed QR codes) rely on government entities and those in turn on a national set of government CAs.

[–] themoonisacheese@sh.itjust.works 1 points 20 hours ago (2 children)

Very cool. Why would anyone use qr codes then? When you can just write a url and that's free

[–] Bilaketari@reddthat.com 2 points 13 hours ago (1 children)

QR codes are mostly meant to let you get an amount of info (they're mostly text-based) without having to type or enter it manually when you might make mistakes or when the process is just faster for the amount of text involved.

Yeah, I know. Why would anyone ever use them if creating one required a certificate? If the certificate was so cheap as to not be an obstacle then it wouldn't be a deterrent to malicious replacement of codes either.

load more comments (4 replies)
load more comments (4 replies)