Mailinglist Archive: opensuse (1355 mails)

< Previous Next >
Re: [opensuse] Re: opensuse mailing list site ridiculousness
On 06/17/2018 09:33 AM, L A Walsh wrote:
    Those are just some more famous names,
there quite a few distributed along with standard
browser SW.

Yes, and companies that have misused or been poor stewards of their
responsibility as root CAs have been removed from browsers before, both
private companies and government. Some CAs have also been removed
because they do a poor job of of publishing lists of certificates they
have issued for audit. Symantec was a recent removal for such reasons,
this of course will heavily affect (IE: destroy) their PKI business.
These things do not happen in a vacuum.

If you are the target of a nation, more likely they will update your CA
certificates, but that is not the situation for most. The majority of
general monitoring will trigger warnings, and even in the corporate
environment Firefox will do so unless extra measures are taken, because
it ships with its own certificate store.


--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >