(I don't have access to windoze... cannot verify if my suggestion would

Can't you replace the installed root certs with empty files or bogus
content such that they will fail path validation and still trick MS not
to re-install them?


Jeffrey Altman wrote:
>> The executive summary, so I've got something to reply to:
>>   In the default configuration for Windows XP with Service Pack 2 (SP2),
>> if a
>>   user removes one of the trusted root certificates, and the certifier who
>>   issued that root certificate is trusted by Microsoft, Windows will
>> silently
>>   add the root certificate back into the user's store and use the original
>>   trust settings.
>> While I don't agree with this behaviour, I can see why Microsoft would do
>> this, and I can't see them changing it at any time in the future.  It's the
>> same reason why they ignore key usage restrictions and allow (for
>> example) an
>> encryption-only key to be used for signatures, and a thousand other
>> breaches
>> of PKI etiquette: There'd be too many user complaints if they didn't.
> The real flaw that I see in their design is that they permit
> certificates that they installed to be removed.  Instead they should
> have provided a "disabled" feature so that those who wish to disable
> installed certs can do so and thereby ensure that in the future they
> won't be restored.
> Jeffrey Altman

Frank Siebenlist               [EMAIL PROTECTED]
The Globus Alliance - Argonne National Laboratory

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to