Paul Hoffman wrote: > I stopped reading here. That is completely untrue for the majority of > the CAs in the Mozilla trust root pile.
I would quibble with "majority". You might get away with "the majority of SSL server certs issued for use on the public internet are issued by CAs that don't...". In other words, most of the CAs do identity verification of some sort; but the majority of the certificates aren't issued after identity verification. Gerv _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
