> Similarly, if we were to accept trust in Qihoo, then we would be ignoring the
> precedent Qihoo has set of choosing insecure and anti-user behaviours masked
> as "security".
I dare say your cert store will end up as a pretty lonely place if you start
investigating CAs –outside the realm of CA per se– and their parent companies
for questionable security and shady business.
dev-security-policy mailing list