Re: PSM 2.0 (PIP) docs now available

[Ben Bucksch]

Bob Lord wrote:

> The browser isn't making an assertion about a web site; the issuer 
> is.  We'd like to give that information to the user.  That will become 
> more  important as more CAs spring up.

The browser vendor is making an assertion about the issuer. Only trusted 
CAs should be included by default. Most users have no way to know, if an 
issuer is trustworthy or not.

BTW: What are the requirements for a CA having its certs shipped with 
the browser?