John Gardiner Myers wrote:Configurability is no excuse for the lack of a good default.
The point is not trying to get away from working out a good default.
It's about recognising the fact that security/trust is something very personnal, and different users might have different needs.
End users generally have no interest or competence in deciding CA trust issues.
I totally agree with you on that point, John.
Again, this is not about end user deciding themself what CA they trust.
It's about them deciding who they trust to tell them what CA to trust.
Here you decide that if they like Mozilla, the browser, they must like mozilla.org the trusted CA list establishing organization, which is not the same thing.
But that's OK if you disagree with the idea.
I described it, explained the motivation, and if someone else likes it more, they can choose to implement it on their own distribution.
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
