When signing up for a US gov login at secure.login.gov, the digital certificate verifying the site is issued by Amazon (using a root certification authority from “Starfield Class Certification Authority”)
Does anybody else find it weird that the a private company vouches for the US government?

Share This Discussion

3 Comments

  • Cypher_Blue

    November 19, 2021

    What other third party would you recommend?

    Reply
  • rmg22893

    November 19, 2021

    Would it not be more concerning if the US government had a root certification authority cert on consumer devices and could issue trusted certificates for whatever domain they pleased for whatever purpose they pleased?

    The DoD has their own internal CA that they use for some sites. If the site is intended for use by everyday citizens, it would make sense that they use a publicly trusted CA.

    Reply
  • IsraelZulu

    November 19, 2021

    Website is probably on AWS. Nothing unusual about that.

    Reply

Leave a Comment

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.