[EMAIL PROTECTED] wrote:
> The executive summary, so I've got something to reply to:
>
> In the default configuration for Windows XP with Service Pack 2 (SP2), if a
> user removes one of the trusted root certificates, and the certifier who
> issued that root certificate is trusted by Microsoft, Windows will silently
> add the root certificate back into the user's store and use the original
> trust settings.
>
> While I don't agree with this behaviour, I can see why Microsoft would do
> this, and I can't see them changing it at any time in the future. It's the
> same reason why they ignore key usage restrictions and allow (for example) an
> encryption-only key to be used for signatures, and a thousand other breaches
> of PKI etiquette: There'd be too many user complaints if they didn't.

The real flaw that I see in their design is that they permit certificates that they installed to be removed. Instead they should have provided a "disabled" feature so that those who wish to disable installed certs can do so and thereby ensure that in the future they won't be restored.

Jeffrey Altman
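
A simplified model of the behaviour and of the proposed "disabled" flag discussed in the message above, added here as an example; it is not part of the original post and it is not Windows code. The store layout, the updater logic and the root names are assumptions made for illustration.

```python
# Simplified model (constructed for illustration, not Windows code) of a root
# store that a vendor updater keeps in sync with a vendor-trusted list.
from dataclasses import dataclass, field

VENDOR_TRUSTED = {"Example Root CA 1", "Example Root CA 2"}  # constructed names


@dataclass
class RootStore:
    # name -> enabled flag; a missing key means "no record at all"
    entries: dict = field(default_factory=dict)

    def remove(self, name):
        # Deletion leaves no trace, so the updater cannot tell
        # "user removed this" from "never installed".
        self.entries.pop(name, None)

    def disable(self, name):
        # The entry stays in the store as a persistent record of the decision.
        self.entries[name] = False

    def auto_update(self, vendor_trusted=VENDOR_TRUSTED):
        # Restore any vendor-trusted root that has no entry, with default trust.
        # Existing entries, including disabled ones, are left untouched.
        restored = []
        for name in sorted(vendor_trusted):
            if name not in self.entries:
                self.entries[name] = True
                restored.append(name)
        return restored

    def is_trusted(self, name):
        return self.entries.get(name, False)


def survives_update(action):
    """Apply `action` ('remove' or 'disable') to one root, run the updater,
    and report whether the user's distrust decision is still in effect."""
    store = RootStore({name: True for name in VENDOR_TRUSTED})
    getattr(store, action)("Example Root CA 1")
    store.auto_update()
    return not store.is_trusted("Example Root CA 1")


if __name__ == "__main__":
    print("remove survives update: ", survives_update("remove"))
    print("disable survives update:", survives_update("disable"))
```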