Give root certs and 'allow list' of what sites they are allowed to verify?
More a feature request than anything: I think it would be a good idea to have an optional whitelist for what sites a root cert is allowed to verify. A common situation would be a corporate root cert - if browser could be configured to only allowed to be a CA for sites within that company the users (employees in this case) could be sure that the company wasn't eavesdropping on their browsing to other websites, while allowing them to create and revoke certs for their own at will. (But I remember at least one news story recently where this would have helped the more general public when a CA started authorizing fake sites.)
Chosen solution
Feedback to the developers of Firefox and feature requests can be submitted here: https://input.mozilla.org/en-US/feedback
Read this answer in context 👍 1All Replies (2)
Chosen Solution
Feedback to the developers of Firefox and feature requests can be submitted here: https://input.mozilla.org/en-US/feedback
Thanks, I was looking for a link to feature requests on this site and couldn't find one.