This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Buscar en Ayuda

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

When should I delete a Certificate Authority that sounds suspiciously like I would never use it?

  • 3 respuestas
  • 24 tienen este problema
  • 1 visita
  • Última respuesta de mct99

more options

When I opened the Certificate Manager under Tools/Options/Advanced, I found a long list of Certificate Authorities that looked very suspicious to me. For example, the first one was an outfit by the name of "TURKTRUST" with Turkish language names.

Where did this come from?

There are quite a few other "suspicious" looking CA names.

What happens if I delete them all?

When I opened the Certificate Manager under Tools/Options/Advanced, I found a long list of Certificate Authorities that looked very suspicious to me. For example, the first one was an outfit by the name of "TURKTRUST" with Turkish language names. Where did this come from? There are quite a few other "suspicious" looking CA names. What happens if I delete them all?

Solución elegida

OK, Listen firefox developers: are YOU determining who I trust? I'm sorry, but I happen not to trust bigger corporations. It's part of the reason most people stepped over to Firefox. Besides, if for every 'secure' connection in the world browsers keep making connection to a very limited number of 'Certificate authorities' like 'Verisign'/eTrust' etc, then the CONNECTION might be secure, but the FACT that IP number xxx.xxx is connecting to (secure) website www.trytokeepasecret.org is 'leaked'. (as an average user is not informed or even aware that certificate issuers are connected to with every secure connection) And I feel that in fact... my privacyis breached.

Me connecting to a website is something between me and that website, and it's MY decicion wether or not i trust that website's certificate, and no business of a third party 'certificate issuer'. The list in Firefox is arbitrary, the users of Firefox should have a say in it. it is MY secure connection and not Firefox's! I DON'T trust Turktrust, or the rest of the list! And the fact that Firefox developers are trying to push this (telling me who to trust) through my throat makes me hate Firefox. In fact because of THIS issueI find Firefox itself is turning into an organization I don't trust anymore. Just look at that list! It's obvious anyone paying enough money (or blackmarket influence) can become a certificate issuer.

People @ Firefox: I'd like to be able to connect to ANY website that pleases me, comprende?

At the SAME TIME Firefox automatically CONNECTS to every advertising and tracking beacon on every website! (Breaching again my privacy!)

The only reason I still use Firefox is because of the addon 'requestpolicy' which is able to block connections to 3rd party websites. (TRY IT!) Why? Most websites use google analytics these days, and google gets connected for almost every website UNLESS you use requestpolicy! It's really an amazing feat how much information they are gathering without the main public realizing it.

Leer esta respuesta en su contexto 👍 0

Todas las respuestas (3)

more options

You can't remove them. You can edit them and remove the trusted bits, but there is no need to do that. Mozilla has a very strict policy about accepting root certificates.

See http://www.mozilla.org/projects/security/certs/policy/ - Mozilla CA Certificate Policy

more options

Solución elegida

OK, Listen firefox developers: are YOU determining who I trust? I'm sorry, but I happen not to trust bigger corporations. It's part of the reason most people stepped over to Firefox. Besides, if for every 'secure' connection in the world browsers keep making connection to a very limited number of 'Certificate authorities' like 'Verisign'/eTrust' etc, then the CONNECTION might be secure, but the FACT that IP number xxx.xxx is connecting to (secure) website www.trytokeepasecret.org is 'leaked'. (as an average user is not informed or even aware that certificate issuers are connected to with every secure connection) And I feel that in fact... my privacyis breached.

Me connecting to a website is something between me and that website, and it's MY decicion wether or not i trust that website's certificate, and no business of a third party 'certificate issuer'. The list in Firefox is arbitrary, the users of Firefox should have a say in it. it is MY secure connection and not Firefox's! I DON'T trust Turktrust, or the rest of the list! And the fact that Firefox developers are trying to push this (telling me who to trust) through my throat makes me hate Firefox. In fact because of THIS issueI find Firefox itself is turning into an organization I don't trust anymore. Just look at that list! It's obvious anyone paying enough money (or blackmarket influence) can become a certificate issuer.

People @ Firefox: I'd like to be able to connect to ANY website that pleases me, comprende?

At the SAME TIME Firefox automatically CONNECTS to every advertising and tracking beacon on every website! (Breaching again my privacy!)

The only reason I still use Firefox is because of the addon 'requestpolicy' which is able to block connections to 3rd party websites. (TRY IT!) Why? Most websites use google analytics these days, and google gets connected for almost every website UNLESS you use requestpolicy! It's really an amazing feat how much information they are gathering without the main public realizing it.

Modificadas por pakmenu el

more options

You can disable trust with any of the CAs if you prefer. It is up to you who you trust.

If you are concerned about privacy then I recommend the Ghostery addon. It blocks these privacy beackons.