Wayne Thayer wrote: > > > That is not my understanding of how this setting works: it only imports > roots that have been added to the Windows root store, e.g. by a program > such as Avast, or an administrator. It does not import roots Microsoft > ships with Windows. >
The problem is that if a root certificate is revoked locally by: - exporting it from any place in the windows certificate store, - adding it to the Untrusted Certificates store - keeping it untouched in the initial store where it was exported from ... Firefox considers that certificate as valid when it should consider it as revoked. Windows considers such a certificate to be revoked. With Avast antivirus it's not possible to delete their MITM scanner certificate because they will re-create another if i delete it, but they allow it to be revoked and stay revoked. ~~~~ Adrian R. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
