I wonder if it's been decided yet, or whether it's still disputed, whether keeping a separate certificate database is more secure or not (Feb 2015 http://news.softpedia.com/news/44-000-Superfish-MitM-Certificates-Found-in-Mozilla-Firefox-473823.shtml), or was this dispute just naively founded?
On Saturday, 12 September 2015 13:18:52 UTC+10, Richard Barnes wrote: > . . . When you import a certificate into Firefox, you can set three > trust bits -- websites, email, and code signing. If you want to use the CA > for HTTPS and you don't check the websites box, you're gonna have a bad > time. > --Richard _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
