Executive Summary
In the default configuration for Windows XP with Service Pack 2 (SP2), if a user removes one of the trusted root certificates, and the certifier who issued that root certificate is trusted by Microsoft, Windows will silently add the root certificate back into the user's store and use the original trust settings. This prevents a Windows XP SP2 user from declaring a Microsoft-trusted certification authority as untrusted unless the user turns off the Windows component that controls this feature.
Note: Windows Vista works quite differently than Windows XP SP2 in this regard, and has significant but different problems with Microsoft-trusted root certificates: the user cannot mark them as untrusted. The differences between the two versions of Windows are covered in the last section.
Microsoft Windows Root Certificate Security Issues | Proper.com