rainer_k: > Eddy, > > If this is such a serious concern, why did Microsoft decicde to put > this CA inside the Windows > CA store and even distribute this via automatic update? > Installment of the Telekom CA into Firefox and putting more > restrictive policies for CAs into action in general > are two different topics and should not be interwoven.
Microsoft and Mozilla implement to different policies and criterion for the shipping of CA roots. There are CAs which are present in Mozilla and not in Microsoft and vice versa. There are CAs which are in Opera but not in Apple, but again in Microsoft and not Mozilla. Each software vendor implements its own policy. A CA wishing to be built into the NSS module must conform to the Mozilla CA policy and not to the Microsoft CA root program. For more information about the Mozilla CA policy please read http://www.mozilla.org/projects/security/certs/policy/ and also http://wiki.mozilla.org/CA:Problematic_Practices > > The comment today that Cologne University (one of Germanys largest) > recommends IE as > standard browser just because of this CA question shows that this > issue must be resolved immediately! > I've read that comment and it's simply disgusting! But Mozilla has withstand much higher pressure in the past! Such comments are only counter-productive and I'm sure the comment doesn't represent the policy of the T-Systems CA! -- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: [EMAIL PROTECTED] Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
