• themoonisacheese@sh.itjust.works
    link
    fedilink
    arrow-up
    2
    ·
    1 day ago

    Yeah, I know. Why would anyone ever use them if creating one required a certificate? If the certificate was so cheap as to not be an obstacle then it wouldn’t be a deterrent to malicious replacement of codes either.

    • Caedarai@reddthat.com
      link
      fedilink
      arrow-up
      1
      ·
      5 hours ago

      Because you can make it so that the required certificate/signature has to meet certain criteria to work. For instance, imagine there was a PayPal equivalent type app for paying QR codes, and they required all codes to be signed by one of their business customers (who they have on file). Or with a certificate they themselves issue their customers.