Hi, >> That's the point Phillip was referring, too. But the more interesting >> question to me seems here: if CAs = the companies operate sub-CAs, why >> do so many CA = companies have several root certificates in NSS? > > I think everyone here agrees that multiple CA certificates does not equal > independent sub-CAs.
I was just wondering why some companies have added several root certs in the past, and others haven't. I think I once went through the NSS root store and found that this number is also unequally distributed. > The Microsoft trusted root certificate program does a clearer job of > indicating which root CAs are controlled by which organizations. > > https://social.technet.microsoft.com/wiki/contents/articles/2592.aspx That's useful. I think Kathleen Wilson of Mozilla operates a similar list, although when I checked it a while ago I didn't find it too accessible. Ralph
signature.asc
Description: OpenPGP digital signature
