Browsers that treat locally-added CA certs as equivalent to builtin ones are complicit in malicious AV and firewall products' attacks on users.
Replying to @RichFelker
@richfelker IMO that would cover most legit use cases of local CAs, and allow browser vendors to treat other ones as dangerous.
Replying to @bmastenbrook
@bmastenbrook Yes, but just making it clear to the user that the source of trust is a locally-installed CA would be even more helpful.
Replying to @RichFelker
@richfelker don't disagree; I'm just pointing out that the current situation is also bad for legitimate local CA uses too
Replying to @bmastenbrook
@bmastenbrook Ah, yes, I agree completely then.
5:18 PM - 8 Jun 2015