Warrick FitzGerald wrote: > Is there somewhere that you can download a package of all currently > "trusted" CA's. I know this is a very broad question, as who defines who > the trusted ones are.
Mozilla has a pretty good policy on CA certs IMO, and they obviously ship ip with Mozilla products. It's in a format that is not compatible with OpenSSL, but the CURL people have made a conversion tool and provide already converted Mozilla CA list. See http://curl.haxx.se/docs/caextract.html See Mozilla policy here: http://www.hecker.org/mozilla/ca-certificate-policy -- Heikki Toivonen
signature.asc
Description: OpenPGP digital signature
