[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Lynx-dev] cert bundle sources

From: Stefan Caunter
Subject: Re: [Lynx-dev] cert bundle sources
Date: Sat, 21 Mar 2009 12:13:40 -0400

On Sat, Mar 21, 2009 at 11:45 AM, David Woolley
<address@hidden> wrote:
> Stefan Caunter wrote:
>> As it stands, I can't find a way to get all of the certs dumped from
>> Windows to DER, for openssl conversion to PEM and eventual hashing.
> Do you necessarily want to bulk import them?

It's a good question. We included the procedure for pulling them all
out of IE before this dilution of trust, if that's how to express the
inclusion of these "no-validation" certificates.

I suppose it becomes more of a user decision, but regardless it
doesn't seem to be easy to do anymore on Windows.

> One of the problems with certificates in mainstream browsers is that they
> have been devalued by mixing high and low trust ones, but enabling all of
> them.

Wonder what these cert mills paid to get included in IE?

> --
> David Woolley
> Emails are not formal business letters, whatever businesses may want.
> RFC1855 says there should be an address here, but, in a world of spam,
> that is no longer good advice, as archive address hiding may not work.
> _______________________________________________
> Lynx-dev mailing list
> address@hidden



Stefan Caunter
m: 905 517 0702
o: 289 426 5011
Skype: stefan.caunter

reply via email to

[Prev in Thread] Current Thread [Next in Thread]