Paul,
Paul Hoffman wrote:
Updating software with a new root module is a lot simpler. Of course that
process has its own set of security issues as well.
It also doesn't work for users who are using a different root module. "Barely traceable
management action" != "open message protocol".
True. In that case the only solution is to mark the root as untrusted.
Also, note that if somebody modified the trust on a root cert previously
in any way, a copy of that cert and trust is made in the user's cert
database. The database trust always has priority over the root module's
trust. So, updating the root module alone for those users would not
suffice to disable the use of that root.
Resetting the trust for a root gone rogue could be accomplished in
update code programmatically, however.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
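
The precedence described in the message above (a trust copy in the user's cert database outranks the root module), as an added example that is not part of the original post or of NSS itself. It assumes NSS `certutil` and its `-L`/`-M` options; the function names, the nicknames, the sample listing and the default trust string `,,` are constructed for illustration.

```shell
#!/bin/sh
# Added example: detect a user-database trust override for one root and clear it.

# Constructed sample of `certutil -L -d <db>` output, so the logic runs offline.
sample_listing() {
cat <<'EOF'

Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

Example Rogue Root CA                                        CT,C,C
Example Other Root CA                                        C,,
Example Rogue Root CA - old copy                             ,,
EOF
}

# Read a listing on stdin; print the trust string the database stores for the
# exact nickname $1. Prints nothing when the database holds no copy.
db_trust_for() {
    awk -v nick="$1" 'NF >= 2 {
        trust = $NF; line = $0
        sub(/ +[^ ]+ *$/, "", line)      # drop the trailing trust column
        if (line == nick) print trust
    }'
}

# Exit 0 if any field still grants CA trust
# (C = trusted CA, T = trusted CA for client auth, c = valid CA).
grants_ca_trust() {
    case "$1" in *[CTc]*) return 0 ;; *) return 1 ;; esac
}

# Decide what an updater must do for nickname $1, given a listing on stdin:
#   no-override  no DB copy, so the root module's trust applies
#   reset        DB copy grants CA trust and outranks the root module
#   ok           DB copy exists but grants no CA trust
override_action() {
    trust=$(db_trust_for "$1")
    if [ -z "$trust" ]; then echo no-override
    elif grants_ca_trust "$trust"; then echo reset
    else echo ok
    fi
}

# Real profile: $1 = value for certutil -d, $2 = nickname,
# $3 = trust string to write (assumed default ",," = no trust flags set).
reset_db_trust() {
    action=$(certutil -L -d "$1" | override_action "$2")
    [ "$action" = reset ] || return 0
    certutil -M -d "$1" -n "$2" -t "${3:-,,}"
}
```

Nothing runs at load time; `reset_db_trust` is the only function that touches a real database, and it acts only when the stored copy still grants CA trust.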