I seem to have read somewhere recently that Microsoft was considering requiring CAs to pass the WebTrust audit before they would allow their certs to be embedded in their browser - anyone confirm that?
Were you sleeping the last two/three years, or more ? :-)
It must be since IE 5.5, at the last since IE 6, that CA that did not passs an audit are not present in the browser built-in list.
The current news is more that XP will try to check if it's list of CA is up-to-date with the latest version on Windows Update everytime a certificate chain is verified.
So update to the list, addition or removal, will be very effective very fast for all XP/CAPI users with an on-line connexion.
The list is updated for older client when they start an update download from Windows.
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
