On 18/10/16 06:02, Peter Bowen wrote: > I think making it clear which entries in certdata.txt have additional > constraints would be very helpful.
Here's a start: https://wiki.mozilla.org/CA:Root_Store_Trust_Mods I believe the ANSSI root has now been removed and so CNNIC is the only one (leaving aside WoSign/StartCom) which should appear on the list. Am I right? Gerv _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
