Is the Trusted CA list (with the respective CAs public keys) available anywhere ? Internet Explorer has it hard-coded, now and then we see some patch coming from MS that updates the ROOT CA list. How does Netscape (or Mozilla) check the CAs signatures ? Do they also have the list ?
Does Verisign pay Microsoft to put the list in the Browser or MS pays Verisign for the list ? Finally, if one is writing a new browser, how can it be capable of verifying the authenticity (signature) of the certificates received from servers without having the respective CAs public keys to check the signature with ? Any other way ? Thanks a lot, roberto. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
