> Browsers last a long time. There are still people running C4.x. > Most browser users NEVER even DISCOVER the "Certificate Manager" by which > they can add or remove CA certs from their browser. The browser lives with > its initial set of CAs for its entire lifetime in their profiles. It's > relatively easy to add CAs, and almost impossible to get the public to take > out a CA that has been deemed a rogue after the fact.
I was asked does mozilla make it harder to delete a CA than to add it?
If you go to a web page that downloads a new root CA cert, with the proper MIME type, the dialog needed to import and accept that cert pops up. The user never needs to go dig around in preferences to find the button that launches certificate manager.
But to delete a cert, the user must launch cert manager, and IMO, most users never figure that out.
But the point I intended to make (and apparently didn't) was that users add and delete CA certs for entirely different reasons and under different circumstances.
A user adds a new root CA cert because she wants it. She's sitting at her computer, trying to do something, and she finds she needs this CA, so she goes and gets it.
But a user typically only deletes a CA cert because he finds out, somehow
that that CA was compromised. He may never learn of the compromise, or
he may learn about it long after the fact. He may not be anywhere
near his computer when he learns about it. So, he has to go to where
the computer is, fire up the browser, find the cert manager, find the compromised cert, and untrust it.
I predict that less than 0.0001% of all mozilla users will EVER do that.
> In short, I think it's > not practically feasible right now to ever "revoke" a root CA cert that's > out in the field in mozilla executables. So, I think mozilla should continue > to put a high effort up front.
_______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
