Ubuntu Root Certification Policy
Hi, I am a researcher and I have the following questions to ask.
Does Ubuntu have a root certification policy which dictates the criteria in which a root certificate is added?
If such decisions are deferred to other organizations (Like Mozilla or etc), which organizations are used and how does Ubuntu select which certificates to include or not include?
Additionally how does Ubuntu handle things like name constrains and certificate restrictions within the operating system?
Are there any resources which can further explain answers to these questions?
I understand that the root store is based off the NSS but the NSS itself includes 148 certificates (According to Firefox).
Meanwhile the root certificates included in Ubuntu 20.04 differs from the NSS, it has 128 certificates and only 120 of them are included in the NSS. Hence I would like some information in understanding the discrepancy.
Question information
- Language:
- English Edit question
- Status:
- Solved
- Assignee:
- No assignee Edit question
- Solved by:
- Bernard Stafford
- Solved:
- Last query:
- Last reply: