Firefox applies the same whitelist that Chrome does. It's just not reflected in the GUI.
Sent from my iPhone. Please excuse brevity. > On Sep 14, 2015, at 12:12, "[email protected]" <[email protected]> > wrote: > > I can't believe I just found "CNNIC ROOT" in my firefox 40 CA trusted list. > Mozilla, are you kidding your users or what? It's simply unacceptable to > ignore user complaints and ignore serious certificate authority misconduct. > > The whitelist approach adopted by google seems like a reasonable solution. > But just ignoring the problem is a complete carelessness for the users. > > You are one of few organizations that should lead the way. This is not what > you're doing right now. > _______________________________________________ > dev-security-policy mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
