Re: Adam1
https://certsimple.com/blog/control-the-ssl-cas-your-browser-trusts
this page from last year showed that adjusting Android's 'trust' is very easy, whilst Windows takes some effort
CA/BF (certificate authority & browser forum) has attracted comments like this (from 2012)
First, the Forum includes no representatives from the public or from CAs' customers--these are commonly referred to by CAs as "Relying Parties" and "Subscribers," respectively. This is troubling, given that these are the entities that are most at risk from poor policies or practices. Second, the Forum conducts its business largely in secret, with little public transparency into the process by which policies are developed and implemented. While there may be benefits to keeping some security vulnerability information private for short amounts of time, there is no compelling reason to do most of the Forum's work in private.
I have met people who work with the CA/BF, and I would quite like something better!
That seems to be 'not yet available' perhaps deliberately? - after all what could possibly be wrong with a system designed (and mostly stuck in) 1995 levels of 'security' & 'trust'
Biting the hand that feeds IT
