On 11.09.13 12:05, Trent W. Buck wrote: > Erm, Firefox ignores the system certificate list and ships its own > default list. AIUI, TUBITAK's key is in it, and trusted by default.
Aahh: app.update.certs.requireBuiltin = True would seem to be unobtrusively pulling in the list you describe, IIUC, based just on https://bugzilla.mozilla.org/show_bug.cgi?id=651537 which says: » and depending on whether the cert is builtin or not app.update.cert.requireBuiltIn to false « Since also stumbling over some description of banks deploying SSL-inspecting proxies, though, I figure maybe this is doing nothing more than exercising my curiosity. Erik -- "Security is mostly a superstition. It does not exist in nature... Life is either a daring adventure or nothing." - Helen Keller _______________________________________________ luv-main mailing list [email protected] http://lists.luv.asn.au/listinfo/luv-main
