At 2:45 AM +1200 7/20/07, [EMAIL PROTECTED] wrote:
From a security point of view, this is really bad. From a usability point of view, it's necessary.
As you can see from my list of proposed solutions, I disagree. I see no reason not to to alert a user *who has removed a root* that you are about to put it back in.
Note that I did not criticize the practice of starting with a zillion roots that Microsoft trusts.
--Paul Hoffman, Director --VPN Consortium --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]