[tbb-dev] Symantec CA

Georg Koppen gk at torproject.org
Mon May 30 09:31:20 UTC 2016

Jeff Burdges:
> Apologies if this is kinda a dumb question. 
> Symantec has some issues as a CA :
> http://www.tomshardware.com/news/google-removes-symantec-root-certificate,30742.html
> https://blog.filippo.io/untrusting-an-intermediate-ca-on-os-x/
> I cannot find any certificates by them in either Iceweasel or TBB.  Yet,
> neither can I find any negative news articles on their status with
> Mozilla.  
> Were they excluded in the past for seeming untrustworthy?  Or are they
> valid but not showing up for some other reason? 


should have the answer for you. Both to the things raised in the Tom's
hardware post and the more general question. Oh, and the original Google
blog post
has the answer, too: The root cert is *operated* by Symantec but this
and others are not from them:

Subject: C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tbb-dev/attachments/20160530/540c5396/attachment.sig>

More information about the tbb-dev mailing list