X
Tap here to go to the mobile version of the site.
Your Firefox is out of date and may contain a security risk! Upgrade Firefox

Support Forum

When should I delete a Certificate Authority that sounds suspiciously like I would never use it?

Posted

When I opened the Certificate Manager under Tools/Options/Advanced, I found a long list of Certificate Authorities that looked very suspicious to me. For example, the first one was an outfit by the name of "TURKTRUST" with Turkish language names.

Where did this come from?

There are quite a few other "suspicious" looking CA names.

What happens if I delete them all?

Chosen solution

OK, Listen firefox developers: are YOU determining who I trust? I'm sorry, but I happen not to trust bigger corporations. It's part of the reason most people stepped over to Firefox. Besides, if for every 'secure' connection in the world browsers keep making connection to a very limited number of 'Certificate authorities' like 'Verisign'/eTrust' etc, then the CONNECTION might be secure, but the FACT that IP number xxx.xxx is connecting to (secure) website www.trytokeepasecret.org is 'leaked'. (as an average user is not informed or even aware that certificate issuers are connected to with every secure connection) And I feel that in fact... my privacyis breached.

Me connecting to a website is something between me and that website, and it's MY decicion wether or not i trust that website's certificate, and no business of a third party 'certificate issuer'. The list in Firefox is arbitrary, the users of Firefox should have a say in it. it is MY secure connection and not Firefox's! I DON'T trust Turktrust, or the rest of the list! And the fact that Firefox developers are trying to push this (telling me who to trust) through my throat makes me hate Firefox. In fact because of THIS issueI find Firefox itself is turning into an organization I don't trust anymore. Just look at that list! It's obvious anyone paying enough money (or blackmarket influence) can become a certificate issuer.

People @ Firefox: I'd like to be able to connect to ANY website that pleases me, comprende?

At the SAME TIME Firefox automatically CONNECTS to every advertising and tracking beacon on every website! (Breaching again my privacy!)

The only reason I still use Firefox is because of the addon 'requestpolicy' which is able to block connections to 3rd party websites. (TRY IT!) Why? Most websites use google analytics these days, and google gets connected for almost every website UNLESS you use requestpolicy! It's really an amazing feat how much information they are gathering without the main public realizing it.

Read this answer in context 0

Additional System Details

Installed Plug-ins

  • Logitech Device Detection
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • Adobe PDF Plug-In For Firefox and Netscape "9.4.0"
  • Default Plug-in
  • The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site.
  • Shockwave Flash 10.1 r85
  • GEPlugin
  • Next Generation Java Plug-in 1.6.0_22 for Mozilla browsers
  • 4.0.50917.0
  • Windows Presentation Foundation (WPF) plug-in for Mozilla browsers
  • Photodex Presenter Plugin 4,10,0,2737
  • Google Update
  • Version 1.1.0, copyright 1996-2010 The VideoLAN Teamhttp://www.videolan.org/
  • DRM Netscape Network Object
  • Npdsplay dll
  • DRM Store Netscape Plugin

Application

  • User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.11) Gecko/20101012 Firefox/3.6.11

More Information

cor-el
  • Top 10 Contributor
  • Moderator
10755 solutions 96800 answers

You can't remove them. You can edit them and remove the trusted bits, but there is no need to do that. Mozilla has a very strict policy about accepting root certificates.

See http://www.mozilla.org/projects/security/certs/policy/ - Mozilla CA Certificate Policy

pakmenu 1 solutions 2 answers

Chosen Solution

OK, Listen firefox developers: are YOU determining who I trust? I'm sorry, but I happen not to trust bigger corporations. It's part of the reason most people stepped over to Firefox. Besides, if for every 'secure' connection in the world browsers keep making connection to a very limited number of 'Certificate authorities' like 'Verisign'/eTrust' etc, then the CONNECTION might be secure, but the FACT that IP number xxx.xxx is connecting to (secure) website www.trytokeepasecret.org is 'leaked'. (as an average user is not informed or even aware that certificate issuers are connected to with every secure connection) And I feel that in fact... my privacyis breached.

Me connecting to a website is something between me and that website, and it's MY decicion wether or not i trust that website's certificate, and no business of a third party 'certificate issuer'. The list in Firefox is arbitrary, the users of Firefox should have a say in it. it is MY secure connection and not Firefox's! I DON'T trust Turktrust, or the rest of the list! And the fact that Firefox developers are trying to push this (telling me who to trust) through my throat makes me hate Firefox. In fact because of THIS issueI find Firefox itself is turning into an organization I don't trust anymore. Just look at that list! It's obvious anyone paying enough money (or blackmarket influence) can become a certificate issuer.

People @ Firefox: I'd like to be able to connect to ANY website that pleases me, comprende?

At the SAME TIME Firefox automatically CONNECTS to every advertising and tracking beacon on every website! (Breaching again my privacy!)

The only reason I still use Firefox is because of the addon 'requestpolicy' which is able to block connections to 3rd party websites. (TRY IT!) Why? Most websites use google analytics these days, and google gets connected for almost every website UNLESS you use requestpolicy! It's really an amazing feat how much information they are gathering without the main public realizing it.

Modified by pakmenu

mct99 0 solutions 1 answers

You can disable trust with any of the CAs if you prefer. It is up to you who you trust.

If you are concerned about privacy then I recommend the Ghostery addon. It blocks these privacy beackons.