Przeszukaj pomoc

Unikaj oszustw związanych z pomocą.Nigdy nie będziemy prosić Cię o dzwonienie na numer telefonu, wysyłanie SMS-ów ani o udostępnianie danych osobowych. Zgłoś podejrzaną aktywność, korzystając z opcji „Zgłoś nadużycie”.

Więcej informacji

How does Mozilla (Firefox) check wheter a Root certificate within its storage is trustworthy?

  • 2 odpowiedzi
  • 1 osoba ma ten problem
  • 2 wyświetlenia
  • Ostatnia odpowiedź od etienno

more options

I've read the following article: http://zitseng.com/archives/7489

The article states about government (root) certificates being installed on Mac's.

Since Firefox is all about privacy, I'm wondering why it's possible that Firefox also gets shipped with some of the certificates listed. I have to admit not liking the idea of, for example, the Chinese government (China Internet Network Information Center) slotting into my internet traffic with a self-signed certificate..

The general question in case here is: what does Mozilla require to mark a certificate as trustworthy? Discussing the matter of privacy, any (Chinese/US) government certificate being valid doesn't really support that, reputation wise..

I've read the following article: http://zitseng.com/archives/7489 The article states about government (root) certificates being installed on Mac's. Since Firefox is all about privacy, I'm wondering why it's possible that Firefox also gets shipped with some of the certificates listed. I have to admit not liking the idea of, for example, the Chinese government (China Internet Network Information Center) slotting into my internet traffic with a self-signed certificate.. The general question in case here is: what does Mozilla require to mark a certificate as trustworthy? Discussing the matter of privacy, any (Chinese/US) government certificate being valid doesn't really support that, reputation wise..

Wszystkie odpowiedzi (2)

more options
more options

I've read the maintenance policy.

So far I seem to have the following understanding: there is no check whether an issuer is trustworthy, they just check whether they issue valid certificates (according to Mozilla) and revoke them upon certain events.

At the matter of privacy that seems to be a clear issue, with governments having the possibility of issuing certificates and intercepting traffic. This gives them a possibility for executing a MITM, doesn't it?