Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

For historical reasons (viz. NSS), Mozilla maintains its own list of trusted CAs. Chrome uses whatever is provided by the OS, so they aren't in a position to make the same sorts of demands.

Not that I disagree with the sentiment -- there's just a very specific reason why Mozilla is involved, and it's not simply because they write a web browser.



Chrome could still maintain a blacklist of roots.


One was written after the DigiNotar incident: http://code.google.com/p/chromium/issues/detail?id=94673




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: