Reply to post: Re: CA list

Hacked in a public space? Thanks, HTTPS

Anonymous Coward
Anonymous Coward

Re: CA list

> I would love to be able to modify the browsers root CA list handling so that I could flag the majority of CAs as untrusted

At least in Mozilla-based browsers and Android you can do this no problems.

> There isn't even an easy (point'n'drool) way to edit current CA lists.

Yes there is. Admittedly, on Firefox it takes a few more clicks than I would like to, but you only have to do this once (careful about upgrades though!)

> Even having the browser optionally show, for each web-page, which CA is being used would help, instead of having to hunt through the 'View certificate' process.

That won't help in most cases. Certificate pinning is a better option.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019