Ok do I'm not sure if it's appropriate that I message on this, I'm just a citizen, but one who has personally seen and noticed fake certificates and most definitely ones that were "man in the middle attack" certificates. I know these are old discussions do I'm assuming by now you all have seen the flat out bogus certificates that are clearly serious to the point that I know for a fact caused many security breeches. Now, like I said I'm no expert, but technically I'm getting all of this and figured out what certificates were the past year and noticed a good amount that were empty in the field , negative oreven no number at all or out of date , and duplicated. Now, this is my question. Has the teknotronic certifica still dealing havoc, or is someone doing something about it? I find it amazing that I'm understanding this whole conversation which makes me realize further that I definitely need to start my cyber security degree asap. I personally have seen the havok that these certificates can do when they aren't ligitimate. This stuff is like my passion I see and understand how important this all is in order to keep governments safe and top secret information, secret. Please give me some information on what is bring done and what I can do as far as schooling, (cyber security degree?) In order to do this kind of work. Like I said, I believe it's so important and might be one of the most important things going on with this technology that we have now. Thank you and sorry if I am innapropriate in writing this, but I'd love to hear from experts on what has been done and maybe even understand why I had 155 roots on my last phone that half were not legitimate. Maybe it would help me either validate my fears and help to put it to rest or even completely make me feel more safe knowing that someone is aware, watching and atleast trying to sqaush what they can of it. Thank you I look forward to a response from someone 😊. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Re: CATCert Root Inclusion Request
marshsarah475--- via dev-security-policy Fri, 13 Dec 2019 07:54:14 -0800