Determining SSL Authenticity - Part III

Dave Cragg dave.cragg at lacscentre.co.uk
Wed Jan 3 16:15:32 EST 2007


On 3 Jan 2007, at 19:47, Mark Smith wrote:

> The one I've been using with https connections (again on OS X) is :
>
> /usr/share/curl/curl-ca-bundle.crt
>
> which seems to work.

It works here too. Thanks for the info.


> Curl again Dave, sorry :)

No problem.

Looking through the Keychain-exported and Curl certificates, I see  
they share a core of what I guess are the mainstream certificates  
(Thwaite, etc.), but both have various other stuff. The Curl file  
says it comes directly from Netscape, which makes me think it's  
probably good. I've no idea how the certificates get into Apple's  
Keychain. Did Apple put them all there, or did I OK various messages  
at times and allow some of them to get there? But I notice the  
Keychain set includes some US DoD cerificates which I don't see in  
the Curl file. Should I feel more secure? :-)

Cheers
Dave



More information about the use-livecode mailing list