scary certificate for

Peter Tomlinson pwt at
Mon Jun 18 20:36:55 BST 2012

That assumes that we trust Microsoft as much as we trust Verisign.


On 18/06/2012 18:30, Ben Liddicott wrote:
> This is a website for issuing updates to Microsoft Windows. It is 
> verified by a chain terminating in a certificate Microsoft issued 
> themselves.
> The SSL Chain of trust is for trusting previously unknown parties. For 
> the purposes of updating Windows, Microsoft are not an unknown party. 
> Nothing would be added by having Verisign validate the certificate.
> Cheers,
> Ben

More information about the ukcrypto mailing list