So many trusted authorities
Posted Feb 5, 2010 1:26 UTC (Fri) by giraffedata
In reply to: So many trusted authorities
Parent article: Mozilla and CNNIC
Even if the prompts aren't too big a burden, knowing whether to answer yes or no is.
There's a lot of value in the Firefox developers screening these guys for me.
Bear in mind that the penalty for saying "no" to a CA that is actually trustworthy and legitimate (perhaps because you've never heard of it) is high: you don't get to use the web site you wanted to use.
I'm not sure any of it really matters in the big picture, though. The Chinese government can just use a self-signed certificate. In browsers I've seen, that results in a prompt to the user that, to 99% of them, is gobbledygook that boils down to "do you want to go to the web site you requested or not?"
to post comments)