Stromeko at nexgo.de
Mon Jan 13 19:26:05 UTC 2020
Hal Murray via devel writes:
> Suppose you don't trust all those CAs. What can you do?
Then they shouldn't be in your trust root to begin with. It's easy
enough to remove a CA source file from the system cert store and rebuild
it, although what to do is slightly different on each system.
> One option is to extract the appropriate certificate from the installed root
That's CA pinning rather than certificate pinning. It only makes sense
(to me anyway) if you expect to have multiple different certificates
that refer to that CA, so maybe if you have a local CA that you don't
want to advertise system-wide.
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+
Factory and User Sound Singles for Waldorf rackAttack:
More information about the devel