On 11.09.13 12:05, Trent W. Buck wrote:
Erm, Firefox ignores the system certificate list and ships its own default list. AIUI, TUBITAK's key is in it, and trusted by default.
Aahh: app.update.certs.requireBuiltin = True would seem to be unobtrusively pulling in the list you describe, IIUC, based just on https://bugzilla.mozilla.org/show_bug.cgi?id=651537 which says: » and depending on whether the cert is builtin or not app.update.cert.requireBuiltIn to false « Since also stumbling over some description of banks deploying SSL-inspecting proxies, though, I figure maybe this is doing nothing more than exercising my curiosity. Erik -- "Security is mostly a superstition. It does not exist in nature... Life is either a daring adventure or nothing." - Helen Keller