Mike Hearn [ARCHIVE] on Nostr: 📅 Original date posted:2012-11-26 📝 Original message:They could be included as ...
📅 Original date posted:2012-11-26
📝 Original message:They could be included as well of course, but from a seller
perspective the most important thing is consistency. You have to be
able to predict what CAs the user has, otherwise your invoice would
appear in the UI as unverified and is subject to manipulation by
viruses, etc.
So using the OS cert store would effectively restrict merchants to the
intersection of what ships in all the operating systems their users
use, which could be unnecessarily restrictive. As far as I know, every
browser has its own cert store for that reason.
📝 Original message:They could be included as well of course, but from a seller
perspective the most important thing is consistency. You have to be
able to predict what CAs the user has, otherwise your invoice would
appear in the UI as unverified and is subject to manipulation by
viruses, etc.
So using the OS cert store would effectively restrict merchants to the
intersection of what ships in all the operating systems their users
use, which could be unnecessarily restrictive. As far as I know, every
browser has its own cert store for that reason.