Warrick FitzGerald wrote: > Is there somewhere that you can download a package of all currently > "trusted" CA's. I know this is a very broad question, as who defines who > the trusted ones are. > > I was just thinking that since vendors like $MS have a list of standard > trusted CA's, that the OpenSource community would have something similar. > > Does such a list \ pack exist, or do you need to hand pick your trusted > CA's?
There are some different flavours of such a list. As it merely depends on money to get a CA certificate included in the MS applications (even after switching to the Webtrust scheme), the OpenSource community is working on their own processes. There are some attempts to bundle CA certificates made by different communities. For example there is a collection of the CA certificates of the European research networks (http://www.tacar.org/) and there is the European Bridge CA (http://www.bridge-ca.org/). I am always keen to learn about other attempts to solve the problem of root certificate distribution. Cheers, Olaf -- Dipl.Inform. Olaf Gellert PRESECURE (R) Senior Researcher, Consulting GmbH Phone: (+49) 0700 / PRESECURE [EMAIL PROTECTED] A daily view on Internet Attacks https://www.ecsirt.net/sensornet ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
