Hacker News new | past | comments | ask | show | jobs | submit login

People that understand what certmgr.msc does (or should do) would immediately realize that it's not telling the full story.



I'm not a web developer, I am not intimately familiar with the intricate details of SSL, and yet I understand what a root store is and how it works. I have used certmgr.msc in the past, understanding that it should show me the certificates trusted by the system -- no more, no less. I did not immediately realize that it was not showing me all the certs my system trusts and I would like to know how I could have immediately realized that without knowing all the major CA's and the names of their root certs off the back of my hand.

Perhaps that could be written off as my failing in not knowing what certmgr.msc "should do", but Windows certainly does not make it very clear and I think it's reasonable for an average power user to assume that it shows all the trusted certs on the system, and not part.


its more than reasonable. you would have to not only know what certmgr is and what it does, but also what it SHOULD be doing in order to know it wasent doing it.

that would require specific knowledge about the CA ecosystem and who is trusted. hardly anyone knows that.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: