|
|
|
|
|
|
by 8organicbits
563 days ago
|
|
|
I'm very aware of DigiNotar, I wrote a blog post last year that discusses DigiNotar and even mentions Brazil/ITI [1]. A challenge for Microsoft is that they aren't transparent in their inclusion decisions, so we can only speculate why they chose to trust this CA. What gives you confidence that Microsoft is doing careful vetting? In stark contrast, Mozilla publicly and extensively documented why they didn't trust this CA [2]. [1] https://alexsci.com/blog/ca-trust/ [2] https://bugzilla.mozilla.org/show_bug.cgi?id=438825 |
|
|