Jeff Burdges:
Apologies if this is kinda a dumb question.
Symantec has some issues as a CA : http://www.tomshardware.com/news/google-removes-symantec-root-certificate,30... https://blog.filippo.io/untrusting-an-intermediate-ca-on-os-x/
I cannot find any certificates by them in either Iceweasel or TBB. Yet, neither can I find any negative news articles on their status with Mozilla.
Were they excluded in the past for seeming untrustworthy? Or are they valid but not showing up for some other reason?
https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/UxQFqe9u...
should have the answer for you. Both to the things raised in the Tom's hardware post and the more general question. Oh, and the original Google blog post (https://security.googleblog.com/2015/12/proactive-measures-in-digital.html) has the answer, too: The root cert is *operated* by Symantec but this and others are not from them:
Subject: C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification
Georg