[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Lynx-dev] cert bundle sources
|
From: |
Stefan Caunter |
|
Subject: |
Re: [Lynx-dev] cert bundle sources |
|
Date: |
Sat, 21 Mar 2009 12:13:40 -0400 |
On Sat, Mar 21, 2009 at 11:45 AM, David Woolley
<address@hidden> wrote:
> Stefan Caunter wrote:
>
>> As it stands, I can't find a way to get all of the certs dumped from
>> Windows to DER, for openssl conversion to PEM and eventual hashing.
>
> Do you necessarily want to bulk import them?
It's a good question. We included the procedure for pulling them all
out of IE before this dilution of trust, if that's how to express the
inclusion of these "no-validation" certificates.
I suppose it becomes more of a user decision, but regardless it
doesn't seem to be easy to do anymore on Windows.
> One of the problems with certificates in mainstream browsers is that they
> have been devalued by mixing high and low trust ones, but enabling all of
> them.
Wonder what these cert mills paid to get included in IE?
> --
> David Woolley
> Emails are not formal business letters, whatever businesses may want.
> RFC1855 says there should be an address here, but, in a world of spam,
> that is no longer good advice, as archive address hiding may not work.
>
>
> _______________________________________________
> Lynx-dev mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/lynx-dev
>
--
Stefan
---
Stefan Caunter
m: 905 517 0702
o: 289 426 5011
Skype: stefan.caunter
http://nearsourceit.com/