Date: Sat, 05 Jan 2013 19:32:56 -0800 From: Yuri <yuri@rawbw.com> To: "J.R. Oldroyd" <fbsd@opal.com> Cc: freebsd-chromium@freebsd.org Subject: Re: Why "Delete" button in "Certificate manager" is disables? Why certificates are prefilled? Message-ID: <50E8F068.3070008@rawbw.com> In-Reply-To: <20130105124513.29173323@shibato> References: <50E7882A.1030302@rawbw.com> <20130104221348.34923f5a@shibato> <50E7D85F.4080006@rawbw.com> <20130105124513.29173323@shibato>
next in thread | previous in thread | raw e-mail | index | archive | help
On 01/05/2013 09:45, J.R. Oldroyd wrote: > The certificate hierarchy for the google.com certificate shows that it > is signed by the two "Verisign Class 3 Public Primary Certification > Authority" certificates. > > If you uncheck the box for "Trust for verifying web sites" for these > two certificates, then reload thehttps://google.com page, the browser > is no longer able to verify the certificate. Ok, so there are two certificates in hierarchy for google.com: Verisign on top and Thawte on the bottom. I disabled Thawte. Shouldn't chrome say now that google.com is verified by Verisign? Currently it says: "The identity of this website has been verified by Thawte SGC CA." But Thawte certificate is disabled on my system! I don't know how can people trust that chrome does the right thing when disabled certificate is used for identity verification. Yuri
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?50E8F068.3070008>