about CNNIC certificate

General discussion and chat (archived)
Locked
nat_smart

about CNNIC certificate

Unread post by nat_smart » 2013-05-20, 02:53

what is CNNIC certificate. it's spy our private information? why must remove it as offcial firefox added (lawlietfox has removed)
https://bugzilla.mozilla.org/show_bug.cgi?id=542689 and how to in palemoon specific will remove too? :shock:
how is danger is it?
Top
User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35627
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:
Contact Moonchild

Re: about CNNIC certificate

Unread post by Moonchild » 2013-05-20, 10:55

CNNIC is the Chinese government root cert. CNNIC has complied with the requirements to have a root cert added to the built-in store.
A root cert by itself is not dangerous. Even if malicious certs are issued against it, those certs still have to make their way to the client PC first and be used before they are revoked through OCSP.

If you want to distrust it and in turn every site secured by that root cert, you can at all times do so from the certificate manager: Options -> Advanced -> Encryption -> View certificates -> Find the cert under "Authorities", select the cert and click "distrust or delete". This will distrust the root cert and it will not be used anymore to authenticate sites.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
Top
Locked

Return to “General discussion (old)”